protected function setUp() {
parent::setUp();
$this->jobList = \OC::$server->getJobList();
$this->jobList->add('OC\Cache\FileGlobalGC');
$this->jobList->add('OC_Cache_FileGlobalGC');
}
/**
* @return \OC_OCS_Result
*/
public function enableMonthly()
{
$this->jobList->add('OCA\\PopularityContestClient\\MonthlyReport');
$notification = $this->manager->createNotification();
$notification->setApp('popularitycontestclient');
$this->manager->markProcessed($notification);
return new \OC_OCS_Result();
}
/**
* Schedule a command to be fired
*
* @param \OCP\Command\ICommand | callable $command
*/
public function push($command)
{
if ($this->canRunAsync($command)) {
$this->jobList->add($this->getJobClass($command), $this->serializeCommand($command));
} else {
$this->runCommand($command);
}
}
/**
* @return DataResponse
*/
public function createCredentials()
{
// Create a new job and store the creation date
$this->jobList->add('OCA\\UpdateNotification\\ResetTokenBackgroundJob');
$this->config->setAppValue('core', 'updater.secret.created', $this->timeFactory->getTime());
// Create a new token
$newToken = $this->secureRandom->generate(64);
$this->config->setSystemValue('updater.secret', password_hash($newToken, PASSWORD_DEFAULT));
return new DataResponse($newToken);
}
/**
* add server to the list of trusted ownCloud servers
*
* @param $url
* @return int server id
*/
public function addServer($url)
{
$url = $this->updateProtocol($url);
$result = $this->dbHandler->addServer($url);
if ($result) {
$token = $this->secureRandom->generate(16);
$this->dbHandler->addToken($url, $token);
$this->jobList->add('OCA\\Federation\\BackgroundJob\\RequestSharedSecret', ['url' => $url, 'token' => $token]);
}
return $result;
}
protected function run($argument)
{
$target = $argument['url'];
$source = $this->urlGenerator->getAbsoluteURL('/');
$source = rtrim($source, '/');
$token = $argument['token'];
try {
$result = $this->httpClient->get($target . $this->endPoint, ['query' => ['url' => $source, 'token' => $token], 'timeout' => 3, 'connect_timeout' => 3]);
$status = $result->getStatusCode();
} catch (ClientException $e) {
$status = $e->getCode();
$this->logger->logException($e);
}
// if we received a unexpected response we try again later
if ($status !== Http::STATUS_OK && $status !== Http::STATUS_FORBIDDEN) {
$this->jobList->add('OCA\\Federation\\BackgroundJob\\GetSharedSecret', $argument);
} else {
// reset token if we received a valid response
$this->dbHandler->addToken($target, '');
}
if ($status === Http::STATUS_OK) {
$body = $result->getBody();
$result = json_decode($body, true);
if (isset($result['ocs']['data']['sharedSecret'])) {
$this->trustedServers->addSharedSecret($target, $result['ocs']['data']['sharedSecret']);
} else {
$this->logger->error('remote server "' . $target . '"" does not return a valid shared secret', ['app' => 'federation']);
$this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE);
}
}
}
protected function run($argument)
{
$target = $argument['url'];
$source = $this->urlGenerator->getAbsoluteURL('/');
$source = rtrim($source, '/');
$token = $argument['token'];
try {
$result = $this->httpClient->post($target . $this->endPoint, ['body' => ['url' => $source, 'token' => $token], 'timeout' => 3, 'connect_timeout' => 3]);
$status = $result->getStatusCode();
} catch (ClientException $e) {
$status = $e->getCode();
$this->logger->logException($e);
} catch (\Exception $e) {
$status = HTTP::STATUS_INTERNAL_SERVER_ERROR;
$this->logger->logException($e);
}
// if we received a unexpected response we try again later
if ($status !== Http::STATUS_OK && $status !== Http::STATUS_FORBIDDEN) {
$this->jobList->add('OCA\\Federation\\BackgroundJob\\RequestSharedSecret', $argument);
}
if ($status === Http::STATUS_FORBIDDEN) {
// clear token if remote server refuses to ask for shared secret
$this->dbHandler->addToken($target, '');
}
}
/**
* request received to ask remote server for a shared secret
*
* @return \OC_OCS_Result
*/
public function requestSharedSecret()
{
$url = $this->request->getParam('url');
$token = $this->request->getParam('token');
if ($this->trustedServers->isTrustedServer($url) === false) {
return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN);
}
// if both server initiated the exchange of the shared secret the greater
// token wins
$localToken = $this->dbHandler->getToken($url);
if (strcmp($localToken, $token) > 0) {
return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN);
}
$this->jobList->add('OCA\\Federation\\BackgroundJob\\GetSharedSecret', ['url' => $url, 'token' => $token]);
return new \OC_OCS_Result(null, Http::STATUS_OK);
}
/**
* send server-to-server unshare to remote server
*
* @param string $remote url
* @param int $id share id
* @param string $token
* @param int $try how often did we already tried to send the un-share request
* @return bool
*/
public function sendRemoteUnShare($remote, $id, $token, $try = 0)
{
$url = rtrim($remote, '/');
$fields = array('token' => $token, 'format' => 'json');
$url = $this->addressHandler->removeProtocolFromUrl($url);
$result = $this->tryHttpPostToShareEndpoint($url, '/' . $id . '/unshare', $fields);
$status = json_decode($result['result'], true);
if ($result['success'] && ($status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200)) {
return true;
} elseif ($try === 0) {
// only add new job on first try
$this->jobList->add('OCA\\FederatedFileSharing\\BackgroundJob\\UnShare', ['remote' => $remote, 'id' => $id, 'token' => $token, 'try' => $try, 'lastRun' => $this->getTimestamp()]);
}
return false;
}
/**
* inform remote server whether server-to-server share was accepted/declined
*
* @param string $remote
* @param string $token
* @param int $remoteId Share id on the remote host
* @param string $action possible actions: accept, decline, unshare, revoke, permissions
* @param array $data
* @param int $try
* @return boolean
*/
public function sendUpdateToRemote($remote, $remoteId, $token, $action, $data = [], $try = 0)
{
$fields = array('token' => $token);
foreach ($data as $key => $value) {
$fields[$key] = $value;
}
$url = $this->addressHandler->removeProtocolFromUrl($remote);
$result = $this->tryHttpPostToShareEndpoint(rtrim($url, '/'), '/' . $remoteId . '/' . $action, $fields);
$status = json_decode($result['result'], true);
if ($result['success'] && ($status['ocs']['meta']['statuscode'] === 100 || $status['ocs']['meta']['statuscode'] === 200)) {
return true;
} elseif ($try === 0) {
// only add new job on first try
$this->jobList->add('OCA\\FederatedFileSharing\\BackgroundJob\\RetryJob', ['remote' => $remote, 'remoteId' => $remoteId, 'token' => $token, 'action' => $action, 'data' => json_encode($data), 'try' => $try, 'lastRun' => $this->getTimestamp()]);
}
return false;
}
/**
* request received to ask remote server for a shared secret
*
* @return \OC_OCS_Result
*/
public function requestSharedSecret()
{
$url = $this->request->getParam('url');
$token = $this->request->getParam('token');
if ($this->trustedServers->isTrustedServer($url) === false) {
$this->logger->log(\OCP\Util::ERROR, 'remote server not trusted (' . $url . ') while requesting shared secret', ['app' => 'federation']);
return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN);
}
// if both server initiated the exchange of the shared secret the greater
// token wins
$localToken = $this->dbHandler->getToken($url);
if (strcmp($localToken, $token) > 0) {
$this->logger->log(\OCP\Util::ERROR, 'remote server (' . $url . ') presented lower token', ['app' => 'federation']);
return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN);
}
$this->jobList->add('OCA\\Federation\\BackgroundJob\\GetSharedSecret', ['url' => $url, 'token' => $token]);
return new \OC_OCS_Result(null, Http::STATUS_OK);
}
/**
* re-add background job with new arguments
*
* @param IJobList $jobList
* @param array $argument
*/
protected function reAddJob(IJobList $jobList, array $argument)
{
$jobList->add('OCA\\FederatedFileSharing\\BackgroundJob\\UnShare', ['remote' => $argument['remote'], 'id' => $argument['id'], 'token' => $argument['token'], 'try' => (int) $argument['try'] + 1, 'lastRun' => time()]);
}
