diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php index dfb952a0951c0..46b68b1d5859a 100644 --- a/apps/oauth2/lib/Controller/OauthApiController.php +++ b/apps/oauth2/lib/Controller/OauthApiController.php @@ -28,8 +28,6 @@ */ namespace OCA\OAuth2\Controller; -use OC\Authentication\Exceptions\ExpiredTokenException; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider as TokenProvider; use OCA\OAuth2\Db\AccessTokenMapper; use OCA\OAuth2\Db\ClientMapper; @@ -39,6 +37,8 @@ use OCP\AppFramework\Http; use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Exceptions\ExpiredTokenException; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\DB\Exception; use OCP\IRequest; use OCP\Security\Bruteforce\IThrottler; diff --git a/apps/oauth2/lib/Migration/SetTokenExpiration.php b/apps/oauth2/lib/Migration/SetTokenExpiration.php index 696d3b7f04afa..5a5c5ff478193 100644 --- a/apps/oauth2/lib/Migration/SetTokenExpiration.php +++ b/apps/oauth2/lib/Migration/SetTokenExpiration.php @@ -26,10 +26,10 @@ */ namespace OCA\OAuth2\Migration; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider as TokenProvider; use OCA\OAuth2\Db\AccessToken; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\IDBConnection; use OCP\Migration\IOutput; use OCP\Migration\IRepairStep; diff --git a/apps/settings/lib/Controller/AuthSettingsController.php b/apps/settings/lib/Controller/AuthSettingsController.php index c0dc8cbac8517..8a01c7c2468c7 100644 --- a/apps/settings/lib/Controller/AuthSettingsController.php +++ b/apps/settings/lib/Controller/AuthSettingsController.php @@ -32,19 +32,20 @@ namespace OCA\Settings\Controller; use BadMethodCallException; -use OC\Authentication\Exceptions\ExpiredTokenException; -use OC\Authentication\Exceptions\InvalidTokenException; +use OC\Authentication\Exceptions\InvalidTokenException as OcInvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; -use OC\Authentication\Exceptions\WipeTokenException; use OC\Authentication\Token\INamedToken; use OC\Authentication\Token\IProvider; -use OC\Authentication\Token\IToken; use OC\Authentication\Token\RemoteWipe; use OCA\Settings\Activity\Provider; use OCP\Activity\IManager; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\JSONResponse; +use OCP\Authentication\Exceptions\ExpiredTokenException; +use OCP\Authentication\Exceptions\InvalidTokenException; +use OCP\Authentication\Exceptions\WipeTokenException; +use OCP\Authentication\Token\IToken; use OCP\IRequest; use OCP\ISession; use OCP\IUserSession; @@ -292,7 +293,8 @@ private function findTokenByIdAndUser(int $id): IToken { $token = $e->getToken(); } if ($token->getUID() !== $this->uid) { - throw new InvalidTokenException('This token does not belong to you!'); + /** @psalm-suppress DeprecatedClass We have to throw the OC version so both OC and OCP catches catch it */ + throw new OcInvalidTokenException('This token does not belong to you!'); } return $token; } @@ -305,7 +307,7 @@ private function findTokenByIdAndUser(int $id): IToken { * @param int $id * @return JSONResponse * @throws InvalidTokenException - * @throws \OC\Authentication\Exceptions\ExpiredTokenException + * @throws ExpiredTokenException */ public function wipe(int $id): JSONResponse { if ($this->checkAppToken()) { diff --git a/apps/settings/lib/Settings/Personal/Security/Authtokens.php b/apps/settings/lib/Settings/Personal/Security/Authtokens.php index e713344ce88ce..9a7405fb7a22a 100644 --- a/apps/settings/lib/Settings/Personal/Security/Authtokens.php +++ b/apps/settings/lib/Settings/Personal/Security/Authtokens.php @@ -25,12 +25,12 @@ */ namespace OCA\Settings\Settings\Personal\Security; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\INamedToken; use OC\Authentication\Token\IProvider as IAuthTokenProvider; use OC\Authentication\Token\IToken; use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Services\IInitialState; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\ISession; use OCP\IUserSession; use OCP\Session\Exceptions\SessionNotAvailableException; diff --git a/core/Controller/AppPasswordController.php b/core/Controller/AppPasswordController.php index 205381e83c11d..a4b7791997ab8 100644 --- a/core/Controller/AppPasswordController.php +++ b/core/Controller/AppPasswordController.php @@ -29,13 +29,13 @@ namespace OC\Core\Controller; use OC\Authentication\Events\AppPasswordCreatedEvent; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\OCS\OCSForbiddenException; use OCP\Authentication\Exceptions\CredentialsUnavailableException; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Authentication\Exceptions\PasswordUnavailableException; use OCP\Authentication\LoginCredentials\IStore; use OCP\EventDispatcher\IEventDispatcher; diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php index 07a78ba368b47..40b47a6685dcd 100644 --- a/core/Controller/ClientFlowLoginController.php +++ b/core/Controller/ClientFlowLoginController.php @@ -33,7 +33,6 @@ namespace OC\Core\Controller; use OC\Authentication\Events\AppPasswordCreatedEvent; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; @@ -47,6 +46,7 @@ use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\StandaloneTemplateResponse; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Defaults; use OCP\EventDispatcher\IEventDispatcher; use OCP\IL10N; diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php index 8aafabf9892cb..b52672a5cccf7 100644 --- a/core/Controller/ClientFlowLoginV2Controller.php +++ b/core/Controller/ClientFlowLoginV2Controller.php @@ -27,7 +27,6 @@ */ namespace OC\Core\Controller; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Core\Db\LoginFlowV2; use OC\Core\Exception\LoginFlowV2NotFoundException; use OC\Core\Service\LoginFlowV2Service; @@ -40,6 +39,7 @@ use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\StandaloneTemplateResponse; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Defaults; use OCP\IL10N; use OCP\IRequest; diff --git a/core/Controller/WipeController.php b/core/Controller/WipeController.php index 537fd7126f67e..c18b74e4b9618 100644 --- a/core/Controller/WipeController.php +++ b/core/Controller/WipeController.php @@ -26,11 +26,11 @@ */ namespace OC\Core\Controller; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\RemoteWipe; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\JSONResponse; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\IRequest; class WipeController extends Controller { diff --git a/core/Service/LoginFlowV2Service.php b/core/Service/LoginFlowV2Service.php index 7e254672ebdc6..e6a2d93b77da4 100644 --- a/core/Service/LoginFlowV2Service.php +++ b/core/Service/LoginFlowV2Service.php @@ -26,7 +26,6 @@ */ namespace OC\Core\Service; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; @@ -37,6 +36,7 @@ use OC\Core\Exception\LoginFlowV2NotFoundException; use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\IConfig; use OCP\Security\ICrypto; use OCP\Security\ISecureRandom; diff --git a/lib/private/Authentication/Events/AppPasswordCreatedEvent.php b/lib/private/Authentication/Events/AppPasswordCreatedEvent.php index a90abd2502604..068c0a732773f 100644 --- a/lib/private/Authentication/Events/AppPasswordCreatedEvent.php +++ b/lib/private/Authentication/Events/AppPasswordCreatedEvent.php @@ -25,16 +25,14 @@ */ namespace OC\Authentication\Events; -use OC\Authentication\Token\IToken; +use OCP\Authentication\Token\IToken; use OCP\EventDispatcher\Event; class AppPasswordCreatedEvent extends Event { - /** @var IToken */ - private $token; - - public function __construct(IToken $token) { + public function __construct( + private IToken $token, + ) { parent::__construct(); - $this->token = $token; } public function getToken(): IToken { diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php index e1e2994644619..2e00ac211c1c9 100644 --- a/lib/private/Authentication/LoginCredentials/Store.php +++ b/lib/private/Authentication/LoginCredentials/Store.php @@ -26,10 +26,10 @@ */ namespace OC\Authentication\LoginCredentials; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Token\IProvider; use OCP\Authentication\Exceptions\CredentialsUnavailableException; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Authentication\LoginCredentials\ICredentials; use OCP\Authentication\LoginCredentials\IStore; use OCP\ISession; diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php index 4af5e2b25c343..fcec8cecac1ba 100644 --- a/lib/private/Authentication/Token/IProvider.php +++ b/lib/private/Authentication/Token/IProvider.php @@ -29,10 +29,11 @@ */ namespace OC\Authentication\Token; -use OC\Authentication\Exceptions\ExpiredTokenException; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; -use OC\Authentication\Exceptions\WipeTokenException; +use OCP\Authentication\Exceptions\ExpiredTokenException; +use OCP\Authentication\Exceptions\InvalidTokenException; +use OCP\Authentication\Exceptions\WipeTokenException; +use OCP\Authentication\Token\IToken as OCPIToken; interface IProvider { /** @@ -45,7 +46,7 @@ interface IProvider { * @param string $name Name will be trimmed to 120 chars when longer * @param int $type token type * @param int $remember whether the session token should be used for remember-me - * @return IToken + * @return OCPIToken * @throws \RuntimeException when OpenSSL reports a problem */ public function generateToken(string $token, @@ -53,8 +54,8 @@ public function generateToken(string $token, string $loginName, ?string $password, string $name, - int $type = IToken::TEMPORARY_TOKEN, - int $remember = IToken::DO_NOT_REMEMBER): IToken; + int $type = OCPIToken::TEMPORARY_TOKEN, + int $remember = OCPIToken::DO_NOT_REMEMBER): OCPIToken; /** * Get a token by token id @@ -63,9 +64,9 @@ public function generateToken(string $token, * @throws InvalidTokenException * @throws ExpiredTokenException * @throws WipeTokenException - * @return IToken + * @return OCPIToken */ - public function getToken(string $tokenId): IToken; + public function getToken(string $tokenId): OCPIToken; /** * Get a token by token id @@ -74,9 +75,9 @@ public function getToken(string $tokenId): IToken; * @throws InvalidTokenException * @throws ExpiredTokenException * @throws WipeTokenException - * @return IToken + * @return OCPIToken */ - public function getTokenById(int $tokenId): IToken; + public function getTokenById(int $tokenId): OCPIToken; /** * Duplicate an existing session token @@ -85,9 +86,9 @@ public function getTokenById(int $tokenId): IToken; * @param string $sessionId * @throws InvalidTokenException * @throws \RuntimeException when OpenSSL reports a problem - * @return IToken The new token + * @return OCPIToken The new token */ - public function renewSessionToken(string $oldSessionId, string $sessionId): IToken; + public function renewSessionToken(string $oldSessionId, string $sessionId): OCPIToken; /** * Invalidate (delete) the given session token @@ -117,16 +118,16 @@ public function invalidateLastUsedBefore(string $uid, int $before): void; /** * Save the updated token * - * @param IToken $token + * @param OCPIToken $token */ - public function updateToken(IToken $token); + public function updateToken(OCPIToken $token); /** * Update token activity timestamp * - * @param IToken $token + * @param OCPIToken $token */ - public function updateTokenActivity(IToken $token); + public function updateTokenActivity(OCPIToken $token); /** * Get all tokens of a user @@ -135,49 +136,49 @@ public function updateTokenActivity(IToken $token); * where a high number of (session) tokens is generated * * @param string $uid - * @return IToken[] + * @return OCPIToken[] */ public function getTokenByUser(string $uid): array; /** * Get the (unencrypted) password of the given token * - * @param IToken $savedToken + * @param OCPIToken $savedToken * @param string $tokenId * @throws InvalidTokenException * @throws PasswordlessTokenException * @return string */ - public function getPassword(IToken $savedToken, string $tokenId): string; + public function getPassword(OCPIToken $savedToken, string $tokenId): string; /** * Encrypt and set the password of the given token * - * @param IToken $token + * @param OCPIToken $token * @param string $tokenId * @param string $password * @throws InvalidTokenException */ - public function setPassword(IToken $token, string $tokenId, string $password); + public function setPassword(OCPIToken $token, string $tokenId, string $password); /** * Rotate the token. Useful for for example oauth tokens * - * @param IToken $token + * @param OCPIToken $token * @param string $oldTokenId * @param string $newTokenId - * @return IToken + * @return OCPIToken * @throws \RuntimeException when OpenSSL reports a problem */ - public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken; + public function rotate(OCPIToken $token, string $oldTokenId, string $newTokenId): OCPIToken; /** * Marks a token as having an invalid password. * - * @param IToken $token + * @param OCPIToken $token * @param string $tokenId */ - public function markPasswordInvalid(IToken $token, string $tokenId); + public function markPasswordInvalid(OCPIToken $token, string $tokenId); /** * Update all the passwords of $uid if required diff --git a/lib/private/Authentication/Token/Manager.php b/lib/private/Authentication/Token/Manager.php index 18ec687cac29a..e0b0e2dd14b61 100644 --- a/lib/private/Authentication/Token/Manager.php +++ b/lib/private/Authentication/Token/Manager.php @@ -28,11 +28,13 @@ namespace OC\Authentication\Token; use Doctrine\DBAL\Exception\UniqueConstraintViolationException; -use OC\Authentication\Exceptions\ExpiredTokenException; -use OC\Authentication\Exceptions\InvalidTokenException; +use OC\Authentication\Exceptions\InvalidTokenException as OcInvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; -use OC\Authentication\Exceptions\WipeTokenException; +use OCP\Authentication\Exceptions\ExpiredTokenException; +use OCP\Authentication\Exceptions\InvalidTokenException; +use OCP\Authentication\Exceptions\WipeTokenException; use OCP\Authentication\Token\IProvider as OCPIProvider; +use OCP\Authentication\Token\IToken as OCPIToken; class Manager implements IProvider, OCPIProvider { /** @var PublicKeyTokenProvider */ @@ -52,15 +54,15 @@ public function __construct(PublicKeyTokenProvider $publicKeyTokenProvider) { * @param string $name Name will be trimmed to 120 chars when longer * @param int $type token type * @param int $remember whether the session token should be used for remember-me - * @return IToken + * @return OCPIToken */ public function generateToken(string $token, string $uid, string $loginName, $password, string $name, - int $type = IToken::TEMPORARY_TOKEN, - int $remember = IToken::DO_NOT_REMEMBER): IToken { + int $type = OCPIToken::TEMPORARY_TOKEN, + int $remember = OCPIToken::DO_NOT_REMEMBER): OCPIToken { if (mb_strlen($name) > 128) { $name = mb_substr($name, 0, 120) . '…'; } @@ -93,10 +95,10 @@ public function generateToken(string $token, /** * Save the updated token * - * @param IToken $token + * @param OCPIToken $token * @throws InvalidTokenException */ - public function updateToken(IToken $token) { + public function updateToken(OCPIToken $token) { $provider = $this->getProvider($token); $provider->updateToken($token); } @@ -105,16 +107,16 @@ public function updateToken(IToken $token) { * Update token activity timestamp * * @throws InvalidTokenException - * @param IToken $token + * @param OCPIToken $token */ - public function updateTokenActivity(IToken $token) { + public function updateTokenActivity(OCPIToken $token) { $provider = $this->getProvider($token); $provider->updateTokenActivity($token); } /** * @param string $uid - * @return IToken[] + * @return OCPIToken[] */ public function getTokenByUser(string $uid): array { return $this->publicKeyTokenProvider->getTokenByUser($uid); @@ -126,9 +128,9 @@ public function getTokenByUser(string $uid): array { * @param string $tokenId * @throws InvalidTokenException * @throws \RuntimeException when OpenSSL reports a problem - * @return IToken + * @return OCPIToken */ - public function getToken(string $tokenId): IToken { + public function getToken(string $tokenId): OCPIToken { try { return $this->publicKeyTokenProvider->getToken($tokenId); } catch (WipeTokenException $e) { @@ -145,9 +147,9 @@ public function getToken(string $tokenId): IToken { * * @param int $tokenId * @throws InvalidTokenException - * @return IToken + * @return OCPIToken */ - public function getTokenById(int $tokenId): IToken { + public function getTokenById(int $tokenId): OCPIToken { try { return $this->publicKeyTokenProvider->getTokenById($tokenId); } catch (ExpiredTokenException $e) { @@ -163,9 +165,9 @@ public function getTokenById(int $tokenId): IToken { * @param string $oldSessionId * @param string $sessionId * @throws InvalidTokenException - * @return IToken + * @return OCPIToken */ - public function renewSessionToken(string $oldSessionId, string $sessionId): IToken { + public function renewSessionToken(string $oldSessionId, string $sessionId): OCPIToken { try { return $this->publicKeyTokenProvider->renewSessionToken($oldSessionId, $sessionId); } catch (ExpiredTokenException $e) { @@ -176,18 +178,18 @@ public function renewSessionToken(string $oldSessionId, string $sessionId): ITok } /** - * @param IToken $savedToken + * @param OCPIToken $savedToken * @param string $tokenId session token * @throws InvalidTokenException * @throws PasswordlessTokenException * @return string */ - public function getPassword(IToken $savedToken, string $tokenId): string { + public function getPassword(OCPIToken $savedToken, string $tokenId): string { $provider = $this->getProvider($savedToken); return $provider->getPassword($savedToken, $tokenId); } - public function setPassword(IToken $token, string $tokenId, string $password) { + public function setPassword(OCPIToken $token, string $tokenId, string $password) { $provider = $this->getProvider($token); $provider->setPassword($token, $tokenId, $password); } @@ -209,35 +211,37 @@ public function invalidateLastUsedBefore(string $uid, int $before): void { } /** - * @param IToken $token + * @param OCPIToken $token * @param string $oldTokenId * @param string $newTokenId - * @return IToken + * @return OCPIToken * @throws InvalidTokenException * @throws \RuntimeException when OpenSSL reports a problem */ - public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken { + public function rotate(OCPIToken $token, string $oldTokenId, string $newTokenId): OCPIToken { if ($token instanceof PublicKeyToken) { return $this->publicKeyTokenProvider->rotate($token, $oldTokenId, $newTokenId); } - throw new InvalidTokenException(); + /** @psalm-suppress DeprecatedClass We have to throw the OC version so both OC and OCP catches catch it */ + throw new OcInvalidTokenException(); } /** - * @param IToken $token + * @param OCPIToken $token * @return IProvider * @throws InvalidTokenException */ - private function getProvider(IToken $token): IProvider { + private function getProvider(OCPIToken $token): IProvider { if ($token instanceof PublicKeyToken) { return $this->publicKeyTokenProvider; } - throw new InvalidTokenException(); + /** @psalm-suppress DeprecatedClass We have to throw the OC version so both OC and OCP catches catch it */ + throw new OcInvalidTokenException(); } - public function markPasswordInvalid(IToken $token, string $tokenId) { + public function markPasswordInvalid(OCPIToken $token, string $tokenId) { $this->getProvider($token)->markPasswordInvalid($token, $tokenId); } diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index a88194726ae78..490f6830a8568 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -37,6 +37,7 @@ use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Db\TTransactional; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Token\IToken as OCPIToken; use OCP\Cache\CappedMemoryCache; use OCP\IConfig; use OCP\IDBConnection; @@ -98,8 +99,8 @@ public function generateToken(string $token, string $loginName, ?string $password, string $name, - int $type = IToken::TEMPORARY_TOKEN, - int $remember = IToken::DO_NOT_REMEMBER): IToken { + int $type = OCPIToken::TEMPORARY_TOKEN, + int $remember = OCPIToken::DO_NOT_REMEMBER): OCPIToken { if (strlen($token) < self::TOKEN_MIN_LENGTH) { $exception = new InvalidTokenException('Token is too short, minimum of ' . self::TOKEN_MIN_LENGTH . ' characters is required, ' . strlen($token) . ' characters given'); $this->logger->error('Invalid token provided when generating new token', ['exception' => $exception]); @@ -133,7 +134,7 @@ public function generateToken(string $token, return $dbToken; } - public function getToken(string $tokenId): IToken { + public function getToken(string $tokenId): OCPIToken { /** * Token length: 72 * @see \OC\Core\Controller\ClientFlowLoginController::generateAppPassword @@ -183,7 +184,7 @@ public function getToken(string $tokenId): IToken { throw new ExpiredTokenException($token); } - if ($token->getType() === IToken::WIPE_TOKEN) { + if ($token->getType() === OCPIToken::WIPE_TOKEN) { throw new WipeTokenException($token); } @@ -195,7 +196,7 @@ public function getToken(string $tokenId): IToken { return $token; } - public function getTokenById(int $tokenId): IToken { + public function getTokenById(int $tokenId): OCPIToken { try { $token = $this->mapper->getTokenById($tokenId); } catch (DoesNotExistException $ex) { @@ -206,7 +207,7 @@ public function getTokenById(int $tokenId): IToken { throw new ExpiredTokenException($token); } - if ($token->getType() === IToken::WIPE_TOKEN) { + if ($token->getType() === OCPIToken::WIPE_TOKEN) { throw new WipeTokenException($token); } @@ -218,7 +219,7 @@ public function getTokenById(int $tokenId): IToken { return $token; } - public function renewSessionToken(string $oldSessionId, string $sessionId): IToken { + public function renewSessionToken(string $oldSessionId, string $sessionId): OCPIToken { $this->cache->clear(); return $this->atomic(function () use ($oldSessionId, $sessionId) { @@ -239,7 +240,7 @@ public function renewSessionToken(string $oldSessionId, string $sessionId): ITok $token->getLoginName(), $password, $token->getName(), - IToken::TEMPORARY_TOKEN, + OCPIToken::TEMPORARY_TOKEN, $token->getRemember() ); @@ -267,10 +268,10 @@ public function invalidateOldTokens() { $olderThan = $this->time->getTime() - $this->config->getSystemValueInt('session_lifetime', 60 * 60 * 24); $this->logger->debug('Invalidating session tokens older than ' . date('c', $olderThan), ['app' => 'cron']); - $this->mapper->invalidateOld($olderThan, IToken::DO_NOT_REMEMBER); + $this->mapper->invalidateOld($olderThan, OCPIToken::DO_NOT_REMEMBER); $rememberThreshold = $this->time->getTime() - $this->config->getSystemValueInt('remember_login_cookie_lifetime', 60 * 60 * 24 * 15); $this->logger->debug('Invalidating remembered session tokens older than ' . date('c', $rememberThreshold), ['app' => 'cron']); - $this->mapper->invalidateOld($rememberThreshold, IToken::REMEMBER); + $this->mapper->invalidateOld($rememberThreshold, OCPIToken::REMEMBER); } public function invalidateLastUsedBefore(string $uid, int $before): void { @@ -279,7 +280,7 @@ public function invalidateLastUsedBefore(string $uid, int $before): void { $this->mapper->invalidateLastUsedBefore($uid, $before); } - public function updateToken(IToken $token) { + public function updateToken(OCPIToken $token) { $this->cache->clear(); if (!($token instanceof PublicKeyToken)) { @@ -288,7 +289,7 @@ public function updateToken(IToken $token) { $this->mapper->update($token); } - public function updateTokenActivity(IToken $token) { + public function updateTokenActivity(OCPIToken $token) { $this->cache->clear(); if (!($token instanceof PublicKeyToken)) { @@ -310,7 +311,7 @@ public function getTokenByUser(string $uid): array { return $this->mapper->getTokenByUser($uid); } - public function getPassword(IToken $savedToken, string $tokenId): string { + public function getPassword(OCPIToken $savedToken, string $tokenId): string { if (!($savedToken instanceof PublicKeyToken)) { throw new InvalidTokenException("Invalid token type"); } @@ -326,7 +327,7 @@ public function getPassword(IToken $savedToken, string $tokenId): string { return $this->decryptPassword($savedToken->getPassword(), $privateKey); } - public function setPassword(IToken $token, string $tokenId, string $password) { + public function setPassword(OCPIToken $token, string $tokenId, string $password) { $this->cache->clear(); if (!($token instanceof PublicKeyToken)) { @@ -353,7 +354,7 @@ private function hashPassword(string $password): string { return $this->hasher->hash(sha1($password) . $password); } - public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken { + public function rotate(OCPIToken $token, string $oldTokenId, string $newTokenId): OCPIToken { $this->cache->clear(); if (!($token instanceof PublicKeyToken)) { @@ -478,7 +479,7 @@ private function newToken(string $token, return $dbToken; } - public function markPasswordInvalid(IToken $token, string $tokenId) { + public function markPasswordInvalid(OCPIToken $token, string $tokenId) { $this->cache->clear(); if (!($token instanceof PublicKeyToken)) { diff --git a/lib/private/Authentication/Token/RemoteWipe.php b/lib/private/Authentication/Token/RemoteWipe.php index e4882f678d979..f5267764e24ca 100644 --- a/lib/private/Authentication/Token/RemoteWipe.php +++ b/lib/private/Authentication/Token/RemoteWipe.php @@ -29,8 +29,8 @@ use OC\Authentication\Events\RemoteWipeFinished; use OC\Authentication\Events\RemoteWipeStarted; -use OC\Authentication\Exceptions\InvalidTokenException; -use OC\Authentication\Exceptions\WipeTokenException; +use OCP\Authentication\Exceptions\InvalidTokenException; +use OCP\Authentication\Exceptions\WipeTokenException; use OCP\EventDispatcher\IEventDispatcher; use OCP\IUser; use Psr\Log\LoggerInterface; diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php index 4defcb9a58502..3870c797f8dcf 100644 --- a/lib/private/Authentication/TwoFactorAuth/Manager.php +++ b/lib/private/Authentication/TwoFactorAuth/Manager.php @@ -29,10 +29,10 @@ use BadMethodCallException; use Exception; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider as TokenProvider; use OCP\Activity\IManager; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin; use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IRegistry; diff --git a/lib/private/Session/Internal.php b/lib/private/Session/Internal.php index e8e2a4f2d8e43..5fb9b05c5f4f3 100644 --- a/lib/private/Session/Internal.php +++ b/lib/private/Session/Internal.php @@ -33,8 +33,8 @@ */ namespace OC\Session; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Session\Exceptions\SessionNotAvailableException; /** diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 5689de3995f76..02a7a7e9e16d7 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -39,8 +39,6 @@ namespace OC\User; use OC; -use OC\Authentication\Exceptions\ExpiredTokenException; -use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\PasswordlessTokenException; use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\Token\IProvider; @@ -51,6 +49,8 @@ use OC_Util; use OCA\DAV\Connector\Sabre\Auth; use OCP\AppFramework\Utility\ITimeFactory; +use OCP\Authentication\Exceptions\ExpiredTokenException; +use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\EventDispatcher\GenericEvent; use OCP\EventDispatcher\IEventDispatcher; use OCP\Files\NotPermittedException;