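/**
 * Fetch the shared secret from the remote server and store it.
 *
 * Sends this server's base URL and the pending token to the remote endpoint.
 * Any outcome other than 200 or 403 re-queues the job; a 200 or 403 stores an
 * empty token for the target. On 200 the secret from the OCS payload is saved,
 * or the server is marked as failed when the payload holds no usable secret.
 *
 * @param array $argument job arguments; the 'url' and 'token' keys are read
 */
protected function run($argument) {
	$target = $argument['url'];
	$source = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
	$token = $argument['token'];

	$result = null;
	try {
		// NOTE(review): the token is sent as a query parameter, so it can be
		// recorded wherever request URLs are logged. It is replaced by an empty
		// token below once the remote gives a definitive answer.
		$result = $this->httpClient->get(
			$target . $this->endPoint,
			[
				'query' => ['url' => $source, 'token' => $token],
				'timeout' => 3,
				'connect_timeout' => 3,
			]
		);
		$status = $result->getStatusCode();
	} catch (ClientException $e) {
		$status = $e->getCode();
		$this->logger->logException($e);
	} catch (\Exception $e) {
		// Any other failure (e.g. the request never completed) would otherwise
		// escape run() without a retry; treat it as a server error so the job
		// is queued again.
		$status = Http::STATUS_INTERNAL_SERVER_ERROR;
		$this->logger->logException($e);
	}

	// if we received an unexpected response we try again later
	if ($status !== Http::STATUS_OK && $status !== Http::STATUS_FORBIDDEN) {
		$this->jobList->add('OCA\\Federation\\BackgroundJob\\GetSharedSecret', $argument);
	} else {
		// reset token if we received a valid response
		$this->dbHandler->addToken($target, '');
	}

	if ($status === Http::STATUS_OK && $result !== null) {
		$decoded = json_decode($result->getBody(), true);
		$sharedSecret = isset($decoded['ocs']['data']['sharedSecret'])
			? $decoded['ocs']['data']['sharedSecret']
			: null;

		// The payload comes from the remote side: only a non-empty string is
		// accepted as a secret, anything else is treated as a failed exchange.
		if (is_string($sharedSecret) && $sharedSecret !== '') {
			$this->trustedServers->addSharedSecret($target, $sharedSecret);
		} else {
			$this->logger->error(
				'remote server "' . $target . '" does not return a valid shared secret',
				['app' => 'federation']
			);
			$this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE);
		}
	}
}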
/**
 * Ask the remote server to request a shared secret from this server.
 *
 * Posts this server's base URL and the token to the remote endpoint. A 403
 * stores an empty token for the target; any status other than 200 or 403
 * queues the job again.
 *
 * @param array $argument job arguments; the 'url' and 'token' keys are read
 */
protected function run($argument) {
	$target = $argument['url'];
	$source = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
	$token = $argument['token'];

	// The token is carried in the request body, not in the URL.
	$options = [
		'body' => ['url' => $source, 'token' => $token],
		'timeout' => 3,
		'connect_timeout' => 3,
	];

	try {
		$response = $this->httpClient->post($target . $this->endPoint, $options);
		$status = $response->getStatusCode();
	} catch (ClientException $clientError) {
		$status = $clientError->getCode();
		$this->logger->logException($clientError);
	} catch (\Exception $failure) {
		// Every other failure is mapped to a 500 so that it takes the retry path.
		$status = HTTP::STATUS_INTERNAL_SERVER_ERROR;
		$this->logger->logException($failure);
	}

	if ($status === Http::STATUS_FORBIDDEN) {
		// clear token if remote server refuses to ask for shared secret
		$this->dbHandler->addToken($target, '');
	} elseif ($status !== Http::STATUS_OK) {
		// if we received an unexpected response we try again later
		$this->jobList->add('OCA\\Federation\\BackgroundJob\\RequestSharedSecret', $argument);
	}
}
/**
 * Create a shared secret for the calling server and return it.
 *
 * The caller is identified by the 'url' request parameter and must present
 * the matching 'token' request parameter. An untrusted URL or an invalid
 * token is answered with 403 and no secret is created.
 *
 * @return \OC_OCS_Result
 */
public function getSharedSecret() {
	$url = $this->request->getParam('url');
	$token = $this->request->getParam('token');

	// Both parameters come straight from the request; reject before any
	// secret is generated. The token is only checked for trusted servers.
	if ($this->trustedServers->isTrustedServer($url) === false) {
		return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN);
	}
	if ($this->isValidToken($url, $token) === false) {
		return new \OC_OCS_Result(null, HTTP::STATUS_FORBIDDEN);
	}

	// NOTE(review): the secret comes from the "medium strength" generator;
	// confirm that this generator is suitable for long-lived secrets.
	$generator = $this->secureRandom->getMediumStrengthGenerator();
	$sharedSecret = $generator->generate(32);
	$this->trustedServers->addSharedSecret($url, $sharedSecret);

	// reset token after the exchange of the shared secret was successful
	$this->dbHandler->addToken($url, '');

	return new \OC_OCS_Result(['sharedSecret' => $sharedSecret], Http::STATUS_OK);
}
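/**
 * Create a shared secret for the calling server and return it.
 *
 * The caller is identified by the 'url' request parameter and must present
 * the matching 'token' request parameter. An untrusted URL or an invalid
 * token is logged and answered with 403; no secret is created in that case.
 *
 * @return \OC_OCS_Result
 */
public function getSharedSecret() {
	$url = $this->request->getParam('url');
	$token = $this->request->getParam('token');

	// NOTE(review): $url is request-controlled and is concatenated into the
	// log messages below; confirm the logger neutralises control characters.
	if ($this->trustedServers->isTrustedServer($url) === false) {
		$this->logger->log(
			\OCP\Util::ERROR,
			'remote server not trusted (' . $url . ') while getting shared secret'
		);
		return new \OC_OCS_Result(null, Http::STATUS_FORBIDDEN);
	}

	// NOTE(review): isValidToken() is defined outside this block; confirm it
	// compares the tokens in constant time (hash_equals()).
	if ($this->isValidToken($url, $token) === false) {
		// The submitted token is deliberately left out of the log: it is
		// credential material supplied by the request and does not belong in
		// log files.
		$this->logger->log(
			\OCP\Util::ERROR,
			'remote server (' . $url . ') didn\'t send a valid token while getting shared secret'
		);
		return new \OC_OCS_Result(null, Http::STATUS_FORBIDDEN);
	}

	$sharedSecret = $this->secureRandom->generate(32);
	$this->trustedServers->addSharedSecret($url, $sharedSecret);

	// reset token after the exchange of the shared secret was successful
	$this->dbHandler->addToken($url, '');

	return new \OC_OCS_Result(['sharedSecret' => $sharedSecret], Http::STATUS_OK);
}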
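/**
 * Fetch the shared secret from the remote server and store it.
 *
 * Sends this server's base URL and the pending token to the remote endpoint.
 * Any outcome other than 200 or 403 sets $this->retainJob; a 200 or 403 stores
 * an empty token for the target. On 200 the secret from the OCS payload is
 * saved, or the server is marked as failed when the payload holds no usable
 * secret.
 *
 * @param array $argument job arguments; the 'url' and 'token' keys are read
 */
protected function run($argument) {
	$target = $argument['url'];
	$source = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
	$token = $argument['token'];

	$result = null;
	try {
		// NOTE(review): the token is sent as a query parameter, so it can be
		// recorded wherever request URLs are logged. It is replaced by an empty
		// token below once the remote gives a definitive answer.
		$result = $this->httpClient->get(
			$target . $this->endPoint,
			[
				'query' => ['url' => $source, 'token' => $token],
				'timeout' => 3,
				'connect_timeout' => 3,
			]
		);
		$status = $result->getStatusCode();
	} catch (ClientException $e) {
		$status = $e->getCode();
		if ($status === Http::STATUS_FORBIDDEN) {
			// A refusal is an expected outcome, so it is logged at info level
			// instead of as an exception.
			$this->logger->info(
				$target . ' refused to exchange a shared secret with you.',
				['app' => 'federation']
			);
		} else {
			$this->logger->logException($e, ['app' => 'federation']);
		}
	} catch (\Exception $e) {
		// Every other failure is mapped to a 500 so that it takes the retry path.
		$status = Http::STATUS_INTERNAL_SERVER_ERROR;
		$this->logger->logException($e, ['app' => 'federation']);
	}

	// if we received an unexpected response we try again later
	if ($status !== Http::STATUS_OK && $status !== Http::STATUS_FORBIDDEN) {
		// presumably evaluated by the job framework after run() returns;
		// the handling is outside this block
		$this->retainJob = true;
	} else {
		// reset token if we received a valid response
		$this->dbHandler->addToken($target, '');
	}

	if ($status === Http::STATUS_OK && $result instanceof IResponse) {
		$decoded = json_decode($result->getBody(), true);
		$sharedSecret = isset($decoded['ocs']['data']['sharedSecret'])
			? $decoded['ocs']['data']['sharedSecret']
			: null;

		// The payload comes from the remote side: only a non-empty string is
		// accepted as a secret, anything else is treated as a failed exchange.
		if (is_string($sharedSecret) && $sharedSecret !== '') {
			$this->trustedServers->addSharedSecret($target, $sharedSecret);
		} else {
			$this->logger->error(
				'remote server "' . $target . '" does not return a valid shared secret',
				['app' => 'federation']
			);
			$this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE);
		}
	}
}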
/**
 * A token stored under the http:// form of a server URL must be returned
 * when it is looked up under the https:// form of the same host.
 *
 * The assertion only holds if the handler treats both schemes as the same
 * server, i.e. the token is bound to the host rather than to the scheme.
 */
public function testGetToken() {
	$expectedToken = 'token';

	$this->dbHandler->addServer('server1');
	$this->dbHandler->addToken('http://server1', $expectedToken);

	$storedToken = $this->dbHandler->getToken('https://server1');

	$this->assertSame($expectedToken, $storedToken);
}