techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25

Signed-off-by: Joas Schilling <coding@schilljs.com>
pull/40079/head
Joas Schilling 2023-08-28 15:50:45 +07:00
parent ac3d7e3a7e
commit 25309bcb45
No known key found for this signature in database
GPG Key ID: 74434EFE0D2E2205
22 changed files with 67 additions and 67 deletions

@ -29,9 +29,9 @@
*/ */
namespace OCA\DAV\Connector; namespace OCA\DAV\Connector;
use OC\Security\Bruteforce\Throttler;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\Exceptions\ShareNotFound;
use OCP\Share\IManager; use OCP\Share\IManager;
use OCP\Share\IShare; use OCP\Share\IShare;
@ -48,12 +48,12 @@ class PublicAuth extends AbstractBasic {
private IManager $shareManager; private IManager $shareManager;
private ISession $session; private ISession $session;
private IRequest $request; private IRequest $request;
private Throttler $throttler; private IThrottler $throttler;
public function __construct(IRequest $request, public function __construct(IRequest $request,
IManager $shareManager, IManager $shareManager,
ISession $session, ISession $session,
Throttler $throttler) { IThrottler $throttler) {
$this->request = $request; $this->request = $request;
$this->shareManager = $shareManager; $this->shareManager = $shareManager;
$this->session = $session; $this->session = $session;

@ -36,12 +36,12 @@ namespace OCA\DAV\Connector\Sabre;
use Exception; use Exception;
use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
use OC\Authentication\TwoFactorAuth\Manager; use OC\Authentication\TwoFactorAuth\Manager;
use OC\Security\Bruteforce\Throttler;
use OC\User\Session; use OC\User\Session;
use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden; use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden;
use OCA\DAV\Connector\Sabre\Exception\TooManyRequests; use OCA\DAV\Connector\Sabre\Exception\TooManyRequests;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Security\Bruteforce\MaxDelayReached; use OCP\Security\Bruteforce\MaxDelayReached;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
use Sabre\DAV\Auth\Backend\AbstractBasic; use Sabre\DAV\Auth\Backend\AbstractBasic;
@ -58,13 +58,13 @@ class Auth extends AbstractBasic {
private IRequest $request; private IRequest $request;
private ?string $currentUser = null; private ?string $currentUser = null;
private Manager $twoFactorManager; private Manager $twoFactorManager;
private Throttler $throttler; private IThrottler $throttler;
public function __construct(ISession $session, public function __construct(ISession $session,
Session $userSession, Session $userSession,
IRequest $request, IRequest $request,
Manager $twoFactorManager, Manager $twoFactorManager,
Throttler $throttler, IThrottler $throttler,
string $principalPrefix = 'principals/users/') { string $principalPrefix = 'principals/users/') {
$this->session = $session; $this->session = $session;
$this->userSession = $userSession; $this->userSession = $userSession;

@ -26,13 +26,13 @@ declare(strict_types=1);
*/ */
namespace OCA\DAV\Direct; namespace OCA\DAV\Direct;
use OC\Security\Bruteforce\Throttler;
use OCA\DAV\Db\DirectMapper; use OCA\DAV\Db\DirectMapper;
use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Utility\ITimeFactory; use OCP\AppFramework\Utility\ITimeFactory;
use OCP\EventDispatcher\IEventDispatcher; use OCP\EventDispatcher\IEventDispatcher;
use OCP\Files\IRootFolder; use OCP\Files\IRootFolder;
use OCP\IRequest; use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\Forbidden;
use Sabre\DAV\Exception\MethodNotAllowed; use Sabre\DAV\Exception\MethodNotAllowed;
use Sabre\DAV\Exception\NotFound; use Sabre\DAV\Exception\NotFound;
@ -49,18 +49,20 @@ class DirectHome implements ICollection {
/** @var ITimeFactory */ /** @var ITimeFactory */
private $timeFactory; private $timeFactory;
/** @var Throttler */ /** @var IThrottler */
private $throttler; private $throttler;
/** @var IRequest */ /** @var IRequest */
private $request; private $request;
/** @var IEventDispatcher */
private $eventDispatcher; private $eventDispatcher;
public function __construct( public function __construct(
IRootFolder $rootFolder, IRootFolder $rootFolder,
DirectMapper $mapper, DirectMapper $mapper,
ITimeFactory $timeFactory, ITimeFactory $timeFactory,
Throttler $throttler, IThrottler $throttler,
IRequest $request, IRequest $request,
IEventDispatcher $eventDispatcher IEventDispatcher $eventDispatcher
) { ) {
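Review bot: `$throttler` and `$eventDispatcher` in DirectHome are still typed only through `/** @var … */` docblocks, so nothing enforces at the property level that an IThrottler is stored. Since the constructor already type-hints every argument, the properties could be declared natively, e.g. `private IThrottler $throttler;` and `private IEventDispatcher $eventDispatcher;`, matching the typed properties PublicAuth uses in this same commit. The class body and the constructor's assignments continue outside the hunk.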

@ -27,7 +27,6 @@ declare(strict_types=1);
*/ */
namespace OCA\DAV\Direct; namespace OCA\DAV\Direct;
use OC\Security\Bruteforce\Throttler;
use OCA\DAV\Connector\Sabre\MaintenancePlugin; use OCA\DAV\Connector\Sabre\MaintenancePlugin;
use OCA\DAV\Db\DirectMapper; use OCA\DAV\Db\DirectMapper;
use OCP\AppFramework\Utility\ITimeFactory; use OCP\AppFramework\Utility\ITimeFactory;
@ -37,12 +36,14 @@ use OCP\IConfig;
use OCP\IL10N; use OCP\IL10N;
use OCP\IRequest; use OCP\IRequest;
use OCP\L10N\IFactory; use OCP\L10N\IFactory;
use OCP\Security\Bruteforce\IThrottler;
class ServerFactory { class ServerFactory {
/** @var IConfig */ /** @var IConfig */
private $config; private $config;
/** @var IL10N */ /** @var IL10N */
private $l10n; private $l10n;
/** @var IEventDispatcher */
private $eventDispatcher; private $eventDispatcher;
public function __construct(IConfig $config, IFactory $l10nFactory, IEventDispatcher $eventDispatcher) { public function __construct(IConfig $config, IFactory $l10nFactory, IEventDispatcher $eventDispatcher) {
@ -56,7 +57,7 @@ class ServerFactory {
IRootFolder $rootFolder, IRootFolder $rootFolder,
DirectMapper $mapper, DirectMapper $mapper,
ITimeFactory $timeFactory, ITimeFactory $timeFactory,
Throttler $throttler, IThrottler $throttler,
IRequest $request): Server { IRequest $request): Server {
$home = new DirectHome($rootFolder, $mapper, $timeFactory, $throttler, $request, $this->eventDispatcher); $home = new DirectHome($rootFolder, $mapper, $timeFactory, $throttler, $request, $this->eventDispatcher);
$server = new Server($home); $server = new Server($home);

@ -26,9 +26,9 @@
*/ */
namespace OCA\DAV\Tests\unit\Connector; namespace OCA\DAV\Tests\unit\Connector;
use OC\Security\Bruteforce\Throttler;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\Exceptions\ShareNotFound;
use OCP\Share\IManager; use OCP\Share\IManager;
use OCP\Share\IShare; use OCP\Share\IShare;
@ -50,7 +50,7 @@ class PublicAuthTest extends \Test\TestCase {
private $shareManager; private $shareManager;
/** @var \OCA\DAV\Connector\PublicAuth */ /** @var \OCA\DAV\Connector\PublicAuth */
private $auth; private $auth;
/** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */
private $throttler; private $throttler;
/** @var string */ /** @var string */
@ -68,7 +68,7 @@ class PublicAuthTest extends \Test\TestCase {
$this->shareManager = $this->getMockBuilder(IManager::class) $this->shareManager = $this->getMockBuilder(IManager::class)
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
$this->throttler = $this->getMockBuilder(Throttler::class) $this->throttler = $this->getMockBuilder(IThrottler::class)
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
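Review bot: `disableOriginalConstructor()` no longer does anything in this setUp(), because the mock target is now the IThrottler interface, which has no constructor. The builder chain is left over from mocking the concrete class. `$this->throttler = $this->createMock(IThrottler::class);` expresses the same thing in one line and matches DirectHomeTest and OauthApiControllerTest in this commit. The same applies to the throttler mock in AuthTest::setUp().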

@ -30,11 +30,11 @@
namespace OCA\DAV\Tests\unit\Connector\Sabre; namespace OCA\DAV\Tests\unit\Connector\Sabre;
use OC\Authentication\TwoFactorAuth\Manager; use OC\Authentication\TwoFactorAuth\Manager;
use OC\Security\Bruteforce\Throttler;
use OC\User\Session; use OC\User\Session;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\IUser; use OCP\IUser;
use OCP\Security\Bruteforce\IThrottler;
use Sabre\DAV\Server; use Sabre\DAV\Server;
use Sabre\HTTP\RequestInterface; use Sabre\HTTP\RequestInterface;
use Sabre\HTTP\ResponseInterface; use Sabre\HTTP\ResponseInterface;
@ -57,7 +57,7 @@ class AuthTest extends TestCase {
private $request; private $request;
/** @var Manager */ /** @var Manager */
private $twoFactorManager; private $twoFactorManager;
/** @var Throttler */ /** @var IThrottler */
private $throttler; private $throttler;
protected function setUp(): void { protected function setUp(): void {
@ -71,7 +71,7 @@ class AuthTest extends TestCase {
$this->twoFactorManager = $this->getMockBuilder(Manager::class) $this->twoFactorManager = $this->getMockBuilder(Manager::class)
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
$this->throttler = $this->getMockBuilder(Throttler::class) $this->throttler = $this->getMockBuilder(IThrottler::class)
->disableOriginalConstructor() ->disableOriginalConstructor()
->getMock(); ->getMock();
$this->auth = new \OCA\DAV\Connector\Sabre\Auth( $this->auth = new \OCA\DAV\Connector\Sabre\Auth(

@ -27,7 +27,6 @@ declare(strict_types=1);
*/ */
namespace OCA\DAV\Tests\Unit\Direct; namespace OCA\DAV\Tests\Unit\Direct;
use OC\Security\Bruteforce\Throttler;
use OCA\DAV\Db\Direct; use OCA\DAV\Db\Direct;
use OCA\DAV\Db\DirectMapper; use OCA\DAV\Db\DirectMapper;
use OCA\DAV\Direct\DirectFile; use OCA\DAV\Direct\DirectFile;
@ -37,6 +36,7 @@ use OCP\AppFramework\Utility\ITimeFactory;
use OCP\EventDispatcher\IEventDispatcher; use OCP\EventDispatcher\IEventDispatcher;
use OCP\Files\IRootFolder; use OCP\Files\IRootFolder;
use OCP\IRequest; use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\Forbidden;
use Sabre\DAV\Exception\MethodNotAllowed; use Sabre\DAV\Exception\MethodNotAllowed;
use Sabre\DAV\Exception\NotFound; use Sabre\DAV\Exception\NotFound;
@ -53,7 +53,7 @@ class DirectHomeTest extends TestCase {
/** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */ /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */
private $timeFactory; private $timeFactory;
/** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */
private $throttler; private $throttler;
/** @var IRequest */ /** @var IRequest */
@ -71,7 +71,7 @@ class DirectHomeTest extends TestCase {
$this->directMapper = $this->createMock(DirectMapper::class); $this->directMapper = $this->createMock(DirectMapper::class);
$this->rootFolder = $this->createMock(IRootFolder::class); $this->rootFolder = $this->createMock(IRootFolder::class);
$this->timeFactory = $this->createMock(ITimeFactory::class); $this->timeFactory = $this->createMock(ITimeFactory::class);
$this->throttler = $this->createMock(Throttler::class); $this->throttler = $this->createMock(IThrottler::class);
$this->request = $this->createMock(IRequest::class); $this->request = $this->createMock(IRequest::class);
$this->eventDispatcher = $this->createMock(IEventDispatcher::class); $this->eventDispatcher = $this->createMock(IEventDispatcher::class);

@ -31,7 +31,6 @@ namespace OCA\OAuth2\Controller;
use OC\Authentication\Exceptions\ExpiredTokenException; use OC\Authentication\Exceptions\ExpiredTokenException;
use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\IProvider as TokenProvider; use OC\Authentication\Token\IProvider as TokenProvider;
use OC\Security\Bruteforce\Throttler;
use OCA\OAuth2\Db\AccessTokenMapper; use OCA\OAuth2\Db\AccessTokenMapper;
use OCA\OAuth2\Db\ClientMapper; use OCA\OAuth2\Db\ClientMapper;
use OCA\OAuth2\Exceptions\AccessTokenNotFoundException; use OCA\OAuth2\Exceptions\AccessTokenNotFoundException;
@ -41,6 +40,7 @@ use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Utility\ITimeFactory; use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IRequest; use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Security\ICrypto; use OCP\Security\ICrypto;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
@ -57,7 +57,7 @@ class OauthApiController extends Controller {
private ISecureRandom $secureRandom, private ISecureRandom $secureRandom,
private ITimeFactory $time, private ITimeFactory $time,
private LoggerInterface $logger, private LoggerInterface $logger,
private Throttler $throttler private IThrottler $throttler
) { ) {
parent::__construct($appName, $request); parent::__construct($appName, $request);
} }

@ -29,7 +29,6 @@ use OC\Authentication\Exceptions\ExpiredTokenException;
use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\IProvider as TokenProvider; use OC\Authentication\Token\IProvider as TokenProvider;
use OC\Authentication\Token\PublicKeyToken; use OC\Authentication\Token\PublicKeyToken;
use OC\Security\Bruteforce\Throttler;
use OCA\OAuth2\Controller\OauthApiController; use OCA\OAuth2\Controller\OauthApiController;
use OCA\OAuth2\Db\AccessToken; use OCA\OAuth2\Db\AccessToken;
use OCA\OAuth2\Db\AccessTokenMapper; use OCA\OAuth2\Db\AccessTokenMapper;
@ -41,6 +40,7 @@ use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Utility\ITimeFactory; use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IRequest; use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Security\ICrypto; use OCP\Security\ICrypto;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
@ -66,7 +66,7 @@ class OauthApiControllerTest extends TestCase {
private $secureRandom; private $secureRandom;
/** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */ /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */
private $time; private $time;
/** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */
private $throttler; private $throttler;
/** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */ /** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */
private $logger; private $logger;
@ -83,7 +83,7 @@ class OauthApiControllerTest extends TestCase {
$this->tokenProvider = $this->createMock(TokenProvider::class); $this->tokenProvider = $this->createMock(TokenProvider::class);
$this->secureRandom = $this->createMock(ISecureRandom::class); $this->secureRandom = $this->createMock(ISecureRandom::class);
$this->time = $this->createMock(ITimeFactory::class); $this->time = $this->createMock(ITimeFactory::class);
$this->throttler = $this->createMock(Throttler::class); $this->throttler = $this->createMock(IThrottler::class);
$this->logger = $this->createMock(LoggerInterface::class); $this->logger = $this->createMock(LoggerInterface::class);
$this->oauthApiController = new OauthApiController( $this->oauthApiController = new OauthApiController(

@ -38,7 +38,6 @@ namespace OC\Core\Controller;
use OC\Authentication\Login\Chain; use OC\Authentication\Login\Chain;
use OC\Authentication\Login\LoginData; use OC\Authentication\Login\LoginData;
use OC\Authentication\WebAuthn\Manager as WebAuthnManager; use OC\Authentication\WebAuthn\Manager as WebAuthnManager;
use OC\Security\Bruteforce\Throttler;
use OC\User\Session; use OC\User\Session;
use OC_App; use OC_App;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
@ -58,6 +57,7 @@ use OCP\IURLGenerator;
use OCP\IUser; use OCP\IUser;
use OCP\IUserManager; use OCP\IUserManager;
use OCP\Notification\IManager; use OCP\Notification\IManager;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Util; use OCP\Util;
#[IgnoreOpenAPI] #[IgnoreOpenAPI]
@ -74,7 +74,7 @@ class LoginController extends Controller {
private Session $userSession, private Session $userSession,
private IURLGenerator $urlGenerator, private IURLGenerator $urlGenerator,
private Defaults $defaults, private Defaults $defaults,
private Throttler $throttler, private IThrottler $throttler,
private IInitialStateService $initialStateService, private IInitialStateService $initialStateService,
private WebAuthnManager $webAuthnManager, private WebAuthnManager $webAuthnManager,
private IManager $manager, private IManager $manager,

@ -74,6 +74,7 @@ use OCP\ILogger;
use OCP\IRequest; use OCP\IRequest;
use OCP\IURLGenerator; use OCP\IURLGenerator;
use OCP\IUserSession; use OCP\IUserSession;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Server; use OCP\Server;
use OCP\Share; use OCP\Share;
use OCP\User\Events\UserChangedEvent; use OCP\User\Events\UserChangedEvent;
@ -871,7 +872,7 @@ class OC {
// reset brute force delay for this IP address and username // reset brute force delay for this IP address and username
$uid = $userSession->getUser()->getUID(); $uid = $userSession->getUser()->getUID();
$request = Server::get(IRequest::class); $request = Server::get(IRequest::class);
$throttler = Server::get(\OC\Security\Bruteforce\Throttler::class); $throttler = Server::get(IThrottler::class);
$throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]); $throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]);
} }
@ -1149,7 +1150,7 @@ class OC {
&& $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) { && $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) {
return true; return true;
} }
if ($userSession->tryBasicAuthLogin($request, Server::get(\OC\Security\Bruteforce\Throttler::class))) { if ($userSession->tryBasicAuthLogin($request, Server::get(IThrottler::class))) {
return true; return true;
} }
return false; return false;
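Review bot: Both lookups in class OC, the `resetDelay()` call after a successful login and the throttler handed to `tryBasicAuthLogin()`, now depend on the container binding for `IThrottler::class`, and nothing on this page shows that binding or a test for it. If the interface were ever left unbound or rebound to another implementation, login throttling here would change without any edit to this file. A small container test such as `$this->assertInstanceOf(\OC\Security\Bruteforce\Throttler::class, Server::get(IThrottler::class));` would pin the wiring. The same applies to the three `$c->get(IThrottler::class)` calls in DIContainer, including the one that builds BruteForceMiddleware. Both methods here start and end outside the hunks.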

@ -72,6 +72,7 @@ use OCP\IServerContainer;
use OCP\ISession; use OCP\ISession;
use OCP\IURLGenerator; use OCP\IURLGenerator;
use OCP\IUserSession; use OCP\IUserSession;
use OCP\Security\Bruteforce\IThrottler;
use Psr\Container\ContainerInterface; use Psr\Container\ContainerInterface;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
@ -233,7 +234,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
$c->get(IRequest::class), $c->get(IRequest::class),
$c->get(IControllerMethodReflector::class), $c->get(IControllerMethodReflector::class),
$c->get(IUserSession::class), $c->get(IUserSession::class),
$c->get(OC\Security\Bruteforce\Throttler::class) $c->get(IThrottler::class)
) )
); );
$dispatcher->registerMiddleware( $dispatcher->registerMiddleware(
@ -291,7 +292,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
$dispatcher->registerMiddleware( $dispatcher->registerMiddleware(
new OC\AppFramework\Middleware\Security\BruteForceMiddleware( new OC\AppFramework\Middleware\Security\BruteForceMiddleware(
$c->get(IControllerMethodReflector::class), $c->get(IControllerMethodReflector::class),
$c->get(OC\Security\Bruteforce\Throttler::class), $c->get(IThrottler::class),
$c->get(IRequest::class), $c->get(IRequest::class),
$c->get(LoggerInterface::class) $c->get(LoggerInterface::class)
) )
@ -309,7 +310,7 @@ class DIContainer extends SimpleContainer implements IAppContainer {
$c->get(IRequest::class), $c->get(IRequest::class),
$c->get(ISession::class), $c->get(ISession::class),
$c->get(\OCP\IConfig::class), $c->get(\OCP\IConfig::class),
$c->get(OC\Security\Bruteforce\Throttler::class) $c->get(IThrottler::class)
) )
); );
$dispatcher->registerMiddleware( $dispatcher->registerMiddleware(

@ -24,7 +24,6 @@
namespace OC\AppFramework\Middleware\PublicShare; namespace OC\AppFramework\Middleware\PublicShare;
use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException; use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException;
use OC\Security\Bruteforce\Throttler;
use OCP\AppFramework\AuthPublicShareController; use OCP\AppFramework\AuthPublicShareController;
use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Http\NotFoundResponse;
use OCP\AppFramework\Middleware; use OCP\AppFramework\Middleware;
@ -33,6 +32,7 @@ use OCP\Files\NotFoundException;
use OCP\IConfig; use OCP\IConfig;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\Security\Bruteforce\IThrottler;
class PublicShareMiddleware extends Middleware { class PublicShareMiddleware extends Middleware {
/** @var IRequest */ /** @var IRequest */
@ -44,10 +44,10 @@ class PublicShareMiddleware extends Middleware {
/** @var IConfig */ /** @var IConfig */
private $config; private $config;
/** @var Throttler */ /** @var IThrottler */
private $throttler; private $throttler;
public function __construct(IRequest $request, ISession $session, IConfig $config, Throttler $throttler) { public function __construct(IRequest $request, ISession $session, IConfig $config, IThrottler $throttler) {
$this->request = $request; $this->request = $request;
$this->session = $session; $this->session = $session;
$this->config = $config; $this->config = $config;

@ -29,7 +29,6 @@ declare(strict_types=1);
namespace OC\AppFramework\Middleware\Security; namespace OC\AppFramework\Middleware\Security;
use OC\AppFramework\Utility\ControllerMethodReflector; use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\Security\Bruteforce\Throttler;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
use OCP\AppFramework\Http; use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\BruteForceProtection; use OCP\AppFramework\Http\Attribute\BruteForceProtection;
@ -39,6 +38,7 @@ use OCP\AppFramework\Middleware;
use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCS\OCSException;
use OCP\AppFramework\OCSController; use OCP\AppFramework\OCSController;
use OCP\IRequest; use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Security\Bruteforce\MaxDelayReached; use OCP\Security\Bruteforce\MaxDelayReached;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
use ReflectionMethod; use ReflectionMethod;
@ -55,7 +55,7 @@ class BruteForceMiddleware extends Middleware {
public function __construct( public function __construct(
protected ControllerMethodReflector $reflector, protected ControllerMethodReflector $reflector,
protected Throttler $throttler, protected IThrottler $throttler,
protected IRequest $request, protected IRequest $request,
protected LoggerInterface $logger, protected LoggerInterface $logger,
) { ) {

@ -29,7 +29,6 @@ namespace OC\AppFramework\Middleware\Security;
use OC\AppFramework\Middleware\Security\Exceptions\SecurityException; use OC\AppFramework\Middleware\Security\Exceptions\SecurityException;
use OC\AppFramework\Utility\ControllerMethodReflector; use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
use OC\Security\Bruteforce\Throttler;
use OC\User\Session; use OC\User\Session;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
use OCP\AppFramework\Http; use OCP\AppFramework\Http;
@ -39,6 +38,7 @@ use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\Response;
use OCP\AppFramework\Middleware; use OCP\AppFramework\Middleware;
use OCP\IRequest; use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
use ReflectionMethod; use ReflectionMethod;
/** /**
@ -54,19 +54,13 @@ class CORSMiddleware extends Middleware {
private $reflector; private $reflector;
/** @var Session */ /** @var Session */
private $session; private $session;
/** @var Throttler */ /** @var IThrottler */
private $throttler; private $throttler;
/**
* @param IRequest $request
* @param ControllerMethodReflector $reflector
* @param Session $session
* @param Throttler $throttler
*/
public function __construct(IRequest $request, public function __construct(IRequest $request,
ControllerMethodReflector $reflector, ControllerMethodReflector $reflector,
Session $session, Session $session,
Throttler $throttler) { IThrottler $throttler) {
$this->request = $request; $this->request = $request;
$this->reflector = $reflector; $this->reflector = $reflector;
$this->session = $session; $this->session = $session;

@ -2106,7 +2106,7 @@ class Server extends ServerContainer implements IServerContainer {
} }
/** /**
* @return Throttler * @return IThrottler
* @deprecated 20.0.0 * @deprecated 20.0.0
*/ */
public function getBruteForceThrottler() { public function getBruteForceThrottler() {
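Review bot: The docblock on getBruteForceThrottler() now promises `IThrottler`, but the method has no native return type and its body lies outside the hunk, so it is not visible whether it still resolves the concrete class. If it does, switching it to the interface lookup would keep the annotation and the code in step. The `@deprecated 20.0.0` tag also names no replacement; something like `@deprecated 20.0.0 Use \OCP\Server::get(IThrottler::class) instead` would point callers at the form this commit uses elsewhere.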

@ -419,7 +419,7 @@ class Session implements IUserSession, Emitter {
* @param string $user * @param string $user
* @param string $password * @param string $password
* @param IRequest $request * @param IRequest $request
* @param OC\Security\Bruteforce\Throttler $throttler * @param IThrottler $throttler
* @throws LoginException * @throws LoginException
* @throws PasswordLoginForbiddenException * @throws PasswordLoginForbiddenException
* @return boolean * @return boolean
@ -427,7 +427,7 @@ class Session implements IUserSession, Emitter {
public function logClientIn($user, public function logClientIn($user,
$password, $password,
IRequest $request, IRequest $request,
OC\Security\Bruteforce\Throttler $throttler) { IThrottler $throttler) {
$remoteAddress = $request->getRemoteAddress(); $remoteAddress = $request->getRemoteAddress();
$currentDelay = $throttler->sleepDelayOrThrowOnMax($remoteAddress, 'login'); $currentDelay = $throttler->sleepDelayOrThrowOnMax($remoteAddress, 'login');
@ -572,11 +572,11 @@ class Session implements IUserSession, Emitter {
* *
* @todo do not allow basic auth if the user is 2FA enforced * @todo do not allow basic auth if the user is 2FA enforced
* @param IRequest $request * @param IRequest $request
* @param OC\Security\Bruteforce\Throttler $throttler * @param IThrottler $throttler
* @return boolean if the login was successful * @return boolean if the login was successful
*/ */
public function tryBasicAuthLogin(IRequest $request, public function tryBasicAuthLogin(IRequest $request,
OC\Security\Bruteforce\Throttler $throttler) { IThrottler $throttler) {
if (!empty($request->server['PHP_AUTH_USER']) && !empty($request->server['PHP_AUTH_PW'])) { if (!empty($request->server['PHP_AUTH_USER']) && !empty($request->server['PHP_AUTH_PW'])) {
try { try {
if ($this->logClientIn($request->server['PHP_AUTH_USER'], $request->server['PHP_AUTH_PW'], $request, $throttler)) { if ($this->logClientIn($request->server['PHP_AUTH_USER'], $request->server['PHP_AUTH_PW'], $request, $throttler)) {
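Review bot: logClientIn() and tryBasicAuthLogin() now type-hint the bare name `IThrottler`, yet this section shows no hunk adding `use OCP\Security\Bruteforce\IThrottler;`. Presumably the file already imports it. If it does not, the name resolves relative to the file's own namespace and every call passing the real throttler would fail the parameter type check on the login path. Worth confirming the import at the top of the file. Both method bodies continue outside the hunks.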

@ -29,7 +29,6 @@ use OC\Authentication\Login\LoginData;
use OC\Authentication\Login\LoginResult; use OC\Authentication\Login\LoginResult;
use OC\Authentication\TwoFactorAuth\Manager; use OC\Authentication\TwoFactorAuth\Manager;
use OC\Core\Controller\LoginController; use OC\Core\Controller\LoginController;
use OC\Security\Bruteforce\Throttler;
use OC\User\Session; use OC\User\Session;
use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse; use OCP\AppFramework\Http\TemplateResponse;
@ -43,6 +42,7 @@ use OCP\IURLGenerator;
use OCP\IUser; use OCP\IUser;
use OCP\IUserManager; use OCP\IUserManager;
use OCP\Notification\IManager; use OCP\Notification\IManager;
use OCP\Security\Bruteforce\IThrottler;
use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\MockObject\MockObject;
use Test\TestCase; use Test\TestCase;
@ -74,7 +74,7 @@ class LoginControllerTest extends TestCase {
/** @var Defaults|MockObject */ /** @var Defaults|MockObject */
private $defaults; private $defaults;
/** @var Throttler|MockObject */ /** @var IThrottler|MockObject */
private $throttler; private $throttler;
/** @var IInitialStateService|MockObject */ /** @var IInitialStateService|MockObject */
@ -99,7 +99,7 @@ class LoginControllerTest extends TestCase {
$this->urlGenerator = $this->createMock(IURLGenerator::class); $this->urlGenerator = $this->createMock(IURLGenerator::class);
$this->twoFactorManager = $this->createMock(Manager::class); $this->twoFactorManager = $this->createMock(Manager::class);
$this->defaults = $this->createMock(Defaults::class); $this->defaults = $this->createMock(Defaults::class);
$this->throttler = $this->createMock(Throttler::class); $this->throttler = $this->createMock(IThrottler::class);
$this->initialStateService = $this->createMock(IInitialStateService::class); $this->initialStateService = $this->createMock(IInitialStateService::class);
$this->webAuthnManager = $this->createMock(\OC\Authentication\WebAuthn\Manager::class); $this->webAuthnManager = $this->createMock(\OC\Authentication\WebAuthn\Manager::class);
$this->notificationManager = $this->createMock(IManager::class); $this->notificationManager = $this->createMock(IManager::class);

@ -25,7 +25,6 @@ namespace Test\AppFramework\Middleware\PublicShare;
use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException; use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException;
use OC\AppFramework\Middleware\PublicShare\PublicShareMiddleware; use OC\AppFramework\Middleware\PublicShare\PublicShareMiddleware;
use OC\Security\Bruteforce\Throttler;
use OCP\AppFramework\AuthPublicShareController; use OCP\AppFramework\AuthPublicShareController;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Http\NotFoundResponse;
@ -36,6 +35,7 @@ use OCP\IConfig;
use OCP\IRequest; use OCP\IRequest;
use OCP\ISession; use OCP\ISession;
use OCP\IURLGenerator; use OCP\IURLGenerator;
use OCP\Security\Bruteforce\IThrottler;
class PublicShareMiddlewareTest extends \Test\TestCase { class PublicShareMiddlewareTest extends \Test\TestCase {
/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */ /** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */
@ -44,7 +44,7 @@ class PublicShareMiddlewareTest extends \Test\TestCase {
private $session; private $session;
/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */
private $config; private $config;
/** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */
private $throttler; private $throttler;
/** @var PublicShareMiddleware */ /** @var PublicShareMiddleware */
@ -57,7 +57,7 @@ class PublicShareMiddlewareTest extends \Test\TestCase {
$this->request = $this->createMock(IRequest::class); $this->request = $this->createMock(IRequest::class);
$this->session = $this->createMock(ISession::class); $this->session = $this->createMock(ISession::class);
$this->config = $this->createMock(IConfig::class); $this->config = $this->createMock(IConfig::class);
$this->throttler = $this->createMock(Throttler::class); $this->throttler = $this->createMock(IThrottler::class);
$this->middleware = new PublicShareMiddleware( $this->middleware = new PublicShareMiddleware(
$this->request, $this->request,

@ -24,11 +24,11 @@ namespace Test\AppFramework\Middleware\Security;
use OC\AppFramework\Middleware\Security\BruteForceMiddleware; use OC\AppFramework\Middleware\Security\BruteForceMiddleware;
use OC\AppFramework\Utility\ControllerMethodReflector; use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\Security\Bruteforce\Throttler;
use OCP\AppFramework\Controller; use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\Attribute\BruteForceProtection; use OCP\AppFramework\Http\Attribute\BruteForceProtection;
use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\Response;
use OCP\IRequest; use OCP\IRequest;
use OCP\Security\Bruteforce\IThrottler;
use Psr\Log\LoggerInterface; use Psr\Log\LoggerInterface;
use Test\TestCase; use Test\TestCase;
@ -55,7 +55,7 @@ class TestController extends Controller {
class BruteForceMiddlewareTest extends TestCase { class BruteForceMiddlewareTest extends TestCase {
/** @var ControllerMethodReflector */ /** @var ControllerMethodReflector */
private $reflector; private $reflector;
/** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */
private $throttler; private $throttler;
/** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */ /** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */
private $request; private $request;
@ -67,7 +67,7 @@ class BruteForceMiddlewareTest extends TestCase {
parent::setUp(); parent::setUp();
$this->reflector = new ControllerMethodReflector(); $this->reflector = new ControllerMethodReflector();
$this->throttler = $this->createMock(Throttler::class); $this->throttler = $this->createMock(IThrottler::class);
$this->request = $this->createMock(IRequest::class); $this->request = $this->createMock(IRequest::class);
$this->logger = $this->createMock(LoggerInterface::class); $this->logger = $this->createMock(LoggerInterface::class);

@ -15,21 +15,22 @@ use OC\AppFramework\Http\Request;
use OC\AppFramework\Middleware\Security\CORSMiddleware; use OC\AppFramework\Middleware\Security\CORSMiddleware;
use OC\AppFramework\Middleware\Security\Exceptions\SecurityException; use OC\AppFramework\Middleware\Security\Exceptions\SecurityException;
use OC\AppFramework\Utility\ControllerMethodReflector; use OC\AppFramework\Utility\ControllerMethodReflector;
use OC\Security\Bruteforce\Throttler;
use OC\User\Session; use OC\User\Session;
use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\Http\Response; use OCP\AppFramework\Http\Response;
use OCP\IConfig; use OCP\IConfig;
use OCP\IRequest; use OCP\IRequest;
use OCP\IRequestId; use OCP\IRequestId;
use OCP\Security\Bruteforce\IThrottler;
use PHPUnit\Framework\MockObject\MockObject;
use Test\AppFramework\Middleware\Security\Mock\CORSMiddlewareController; use Test\AppFramework\Middleware\Security\Mock\CORSMiddlewareController;
class CORSMiddlewareTest extends \Test\TestCase { class CORSMiddlewareTest extends \Test\TestCase {
/** @var ControllerMethodReflector */ /** @var ControllerMethodReflector */
private $reflector; private $reflector;
/** @var Session|\PHPUnit\Framework\MockObject\MockObject */ /** @var Session|MockObject */
private $session; private $session;
/** @var Throttler */ /** @var IThrottler|MockObject */
private $throttler; private $throttler;
/** @var CORSMiddlewareController */ /** @var CORSMiddlewareController */
private $controller; private $controller;
@ -38,7 +39,7 @@ class CORSMiddlewareTest extends \Test\TestCase {
parent::setUp(); parent::setUp();
$this->reflector = new ControllerMethodReflector(); $this->reflector = new ControllerMethodReflector();
$this->session = $this->createMock(Session::class); $this->session = $this->createMock(Session::class);
$this->throttler = $this->createMock(Throttler::class); $this->throttler = $this->createMock(IThrottler::class);
$this->controller = new CORSMiddlewareController( $this->controller = new CORSMiddlewareController(
'test', 'test',
$this->createMock(IRequest::class) $this->createMock(IRequest::class)
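Review bot: The docblocks on `private $session` and `private $throttler` in CORSMiddlewareTest now use the imported short name `MockObject`, while the docblocks touched in BruteForceMiddlewareTest and PublicShareMiddlewareTest in this same commit keep the fully qualified `\PHPUnit\Framework\MockObject\MockObject`; one form across the touched tests would keep the change uniform. Because the mock is an instance of both types at once, `/** @var IThrottler&MockObject */` describes it more precisely than the union, provided the project's static-analysis setup accepts intersection types in PHPDoc. The `setUp()` body continues past the end of the second hunk, so any further use of the throttler mock is not visible here.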

@ -14,7 +14,6 @@ use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken; use OC\Authentication\Token\IToken;
use OC\Security\Bruteforce\Throttler;
use OC\Session\Memory; use OC\Session\Memory;
use OC\User\LoginException; use OC\User\LoginException;
use OC\User\Manager; use OC\User\Manager;
@ -30,6 +29,7 @@ use OCP\IRequestId;
use OCP\ISession; use OCP\ISession;
use OCP\IUser; use OCP\IUser;
use OCP\Lockdown\ILockdownManager; use OCP\Lockdown\ILockdownManager;
use OCP\Security\Bruteforce\IThrottler;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use OCP\User\Events\PostLoginEvent; use OCP\User\Events\PostLoginEvent;
use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\MockObject\MockObject;
@ -47,7 +47,7 @@ class SessionTest extends \Test\TestCase {
private $tokenProvider; private $tokenProvider;
/** @var IConfig|MockObject */ /** @var IConfig|MockObject */
private $config; private $config;
/** @var Throttler|MockObject */ /** @var IThrottler|MockObject */
private $throttler; private $throttler;
/** @var ISecureRandom|MockObject */ /** @var ISecureRandom|MockObject */
private $random; private $random;
@ -73,7 +73,7 @@ class SessionTest extends \Test\TestCase {
->willReturn(10000); ->willReturn(10000);
$this->tokenProvider = $this->createMock(IProvider::class); $this->tokenProvider = $this->createMock(IProvider::class);
$this->config = $this->createMock(IConfig::class); $this->config = $this->createMock(IConfig::class);
$this->throttler = $this->createMock(Throttler::class); $this->throttler = $this->createMock(IThrottler::class);
$this->random = $this->createMock(ISecureRandom::class); $this->random = $this->createMock(ISecureRandom::class);
$this->manager = $this->createMock(Manager::class); $this->manager = $this->createMock(Manager::class);
$this->session = $this->createMock(ISession::class); $this->session = $this->createMock(ISession::class);