/**
* @NoAdminRequired
* @NoSubadminRequired
*
* @return JSONResponse
*/
public function create($name)
{
try {
$sessionId = $this->session->getId();
} catch (SessionNotAvailableException $ex) {
$resp = new JSONResponse();
$resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
return $resp;
}
try {
$sessionToken = $this->tokenProvider->getToken($sessionId);
$loginName = $sessionToken->getLoginName();
try {
$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
} catch (PasswordlessTokenException $ex) {
$password = null;
}
} catch (InvalidTokenException $ex) {
$resp = new JSONResponse();
$resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE);
return $resp;
}
$token = $this->generateRandomDeviceToken();
$deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
return ['token' => $token, 'deviceToken' => $deviceToken];
}
/**
* @param IToken $dbToken
* @param string $token
* @return boolean
*/
private function checkTokenCredentials(IToken $dbToken, $token)
{
// Check whether login credentials are still valid and the user was not disabled
// This check is performed each 5 minutes
$lastCheck = $dbToken->getLastCheck() ?: 0;
$now = $this->timeFacory->getTime();
if ($lastCheck > $now - 60 * 5) {
// Checked performed recently, nothing to do now
return true;
}
try {
$pwd = $this->tokenProvider->getPassword($dbToken, $token);
} catch (InvalidTokenException $ex) {
// An invalid token password was used -> log user out
return false;
} catch (PasswordlessTokenException $ex) {
// Token has no password
if (!is_null($this->activeUser) && !$this->activeUser->isEnabled()) {
$this->tokenProvider->invalidateToken($token);
return false;
}
$dbToken->setLastCheck($now);
$this->tokenProvider->updateToken($dbToken);
return true;
}
if ($this->manager->checkPassword($dbToken->getLoginName(), $pwd) === false || !is_null($this->activeUser) && !$this->activeUser->isEnabled()) {
$this->tokenProvider->invalidateToken($token);
// Password has changed or user was disabled -> log user out
return false;
}
$dbToken->setLastCheck($now);
$this->tokenProvider->updateToken($dbToken);
return true;
}
/**
* Checks if the given password is a token.
* If yes, the password is extracted from the token.
* If no, the same password is returned.
*
* @param string $password either the login password or a device token
* @return string|null the password or null if none was set in the token
*/
private function getPassword($password)
{
if (is_null($password)) {
// This is surely no token ;-)
return null;
}
try {
$token = $this->tokenProvider->getToken($password);
try {
return $this->tokenProvider->getPassword($token, $password);
} catch (PasswordlessTokenException $ex) {
return null;
}
} catch (InvalidTokenException $ex) {
return $password;
}
}
/**
* @NoAdminRequired
* @NoSubadminRequired
*
* @return JSONResponse
*/
public function create($name)
{
try {
$sessionId = $this->session->getId();
} catch (SessionNotAvailableException $ex) {
return $this->getServiceNotAvailableResponse();
}
try {
$sessionToken = $this->tokenProvider->getToken($sessionId);
$loginName = $sessionToken->getLoginName();
try {
$password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
} catch (PasswordlessTokenException $ex) {
$password = null;
}
} catch (InvalidTokenException $ex) {
return $this->getServiceNotAvailableResponse();
}
$token = $this->generateRandomDeviceToken();
$deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
return ['token' => $token, 'loginName' => $loginName, 'deviceToken' => $deviceToken];
}
