/** * @NoAdminRequired * @NoSubadminRequired * * @return JSONResponse */ public function create($name) { try { $sessionId = $this->session->getId(); } catch (SessionNotAvailableException $ex) { $resp = new JSONResponse(); $resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE); return $resp; } try { $sessionToken = $this->tokenProvider->getToken($sessionId); $loginName = $sessionToken->getLoginName(); try { $password = $this->tokenProvider->getPassword($sessionToken, $sessionId); } catch (PasswordlessTokenException $ex) { $password = null; } } catch (InvalidTokenException $ex) { $resp = new JSONResponse(); $resp->setStatus(Http::STATUS_SERVICE_UNAVAILABLE); return $resp; } $token = $this->generateRandomDeviceToken(); $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN); return ['token' => $token, 'deviceToken' => $deviceToken]; }
/** * @param IToken $dbToken * @param string $token * @return boolean */ private function checkTokenCredentials(IToken $dbToken, $token) { // Check whether login credentials are still valid and the user was not disabled // This check is performed each 5 minutes $lastCheck = $dbToken->getLastCheck() ?: 0; $now = $this->timeFacory->getTime(); if ($lastCheck > $now - 60 * 5) { // Checked performed recently, nothing to do now return true; } try { $pwd = $this->tokenProvider->getPassword($dbToken, $token); } catch (InvalidTokenException $ex) { // An invalid token password was used -> log user out return false; } catch (PasswordlessTokenException $ex) { // Token has no password if (!is_null($this->activeUser) && !$this->activeUser->isEnabled()) { $this->tokenProvider->invalidateToken($token); return false; } $dbToken->setLastCheck($now); $this->tokenProvider->updateToken($dbToken); return true; } if ($this->manager->checkPassword($dbToken->getLoginName(), $pwd) === false || !is_null($this->activeUser) && !$this->activeUser->isEnabled()) { $this->tokenProvider->invalidateToken($token); // Password has changed or user was disabled -> log user out return false; } $dbToken->setLastCheck($now); $this->tokenProvider->updateToken($dbToken); return true; }
/** * Checks if the given password is a token. * If yes, the password is extracted from the token. * If no, the same password is returned. * * @param string $password either the login password or a device token * @return string|null the password or null if none was set in the token */ private function getPassword($password) { if (is_null($password)) { // This is surely no token ;-) return null; } try { $token = $this->tokenProvider->getToken($password); try { return $this->tokenProvider->getPassword($token, $password); } catch (PasswordlessTokenException $ex) { return null; } } catch (InvalidTokenException $ex) { return $password; } }
/** * @NoAdminRequired * @NoSubadminRequired * * @return JSONResponse */ public function create($name) { try { $sessionId = $this->session->getId(); } catch (SessionNotAvailableException $ex) { return $this->getServiceNotAvailableResponse(); } try { $sessionToken = $this->tokenProvider->getToken($sessionId); $loginName = $sessionToken->getLoginName(); try { $password = $this->tokenProvider->getPassword($sessionToken, $sessionId); } catch (PasswordlessTokenException $ex) { $password = null; } } catch (InvalidTokenException $ex) { return $this->getServiceNotAvailableResponse(); } $token = $this->generateRandomDeviceToken(); $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN); return ['token' => $token, 'loginName' => $loginName, 'deviceToken' => $deviceToken]; }