-
Notifications
You must be signed in to change notification settings - Fork 435
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added hook to verify password to allow custom password check #1020
Changes from 3 commits
12e8250
a0bd7af
09b0c01
54d3862
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -147,10 +147,18 @@ public function index($token = '', $callUser = '', $password = '') { | |
} | ||
|
||
if ($requirePassword) { | ||
if ($password !== '' && $room->verifyPassword($password)) { | ||
|
||
$passwordVerification = $room->verifyPassword($password); | ||
|
||
if ($passwordVerification['result']) { | ||
$this->session->setPasswordForRoom($token, $token); | ||
} else { | ||
return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
if ($passwordVerification['url'] === '') { | ||
return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
} | ||
else { | ||
return new RedirectResponse($passwordVerification['url']); | ||
} | ||
} | ||
} | ||
} | ||
|
@@ -194,10 +202,22 @@ protected function guestEnterRoom($token, $password) { | |
|
||
$this->session->removePasswordForRoom($token); | ||
if ($room->hasPassword()) { | ||
if ($password !== '' && $room->verifyPassword($password)) { | ||
$passwordVerification = [ | ||
'result' => false, | ||
'url' => '' | ||
]; | ||
|
||
$passwordVerification = $room->verifyPassword($password); | ||
|
||
if ($passwordVerification['result']) { | ||
$this->session->setPasswordForRoom($token, $token); | ||
} else { | ||
return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
if ($passwordVerification['url'] == '') { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
|
||
return new TemplateResponse($this->appName, 'authenticate', [], 'guest'); | ||
} | ||
else { | ||
return new RedirectResponse($passwordVerification['url']); | ||
} | ||
} | ||
} | ||
|
||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -516,7 +516,7 @@ public function joinRoom($userId, $password, $passedPasswordProtection = false) | |
$result = $query->execute(); | ||
|
||
if ($result === 0) { | ||
if (!$passedPasswordProtection && !$this->verifyPassword($password)) { | ||
if (!$passedPasswordProtection && !$this->verifyPassword($password)['result']) { | ||
throw new InvalidPasswordException(); | ||
} | ||
|
||
|
@@ -575,7 +575,7 @@ public function leaveRoom($userId) { | |
public function joinRoomGuest($password, $passedPasswordProtection = false) { | ||
$this->dispatcher->dispatch(self::class . '::preJoinRoomGuest', new GenericEvent($this)); | ||
|
||
if (!$passedPasswordProtection && !$this->verifyPassword($password)) { | ||
if (!$passedPasswordProtection && !$this->verifyPassword($password)['result']) { | ||
throw new InvalidPasswordException(); | ||
} | ||
|
||
|
@@ -595,6 +595,7 @@ public function joinRoomGuest($password, $passedPasswordProtection = false) { | |
return $sessionId; | ||
} | ||
|
||
|
||
/** | ||
* @param string $sessionId | ||
* @param bool $active | ||
|
@@ -633,7 +634,23 @@ public function changeInCall($sessionId, $active) { | |
* @return bool | ||
*/ | ||
public function verifyPassword($password) { | ||
return !$this->hasPassword() || $this->hasher->verify($password, $this->password); | ||
$event = new GenericEvent($this, [ | ||
'password' => $password | ||
]); | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. You should pass the room as subject of the event, so the event handler knows which room is checking the password and has access to all parameters: new GenericEvent($this, [
'password' => $password,
]); |
||
$this->dispatcher->dispatch(self::class . '::verifyPassword', $event); | ||
if ($event->hasArgument('result')) { | ||
$result = $event->getArgument('result'); | ||
return [ | ||
'result' => $result['result'] ?? false, | ||
'url' => $result['url'] ?? '' | ||
]; | ||
} | ||
|
||
$passwordVerification = [ | ||
'result' => !$this->hasPassword() || $this->hasher->verify($password, $this->password), | ||
'url' => '' | ||
]; | ||
return $passwordVerification; | ||
} | ||
|
||
/** | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
<?php | ||
/** | ||
* @copyright Copyright (c) 2018 Peter Edens <petere@conceiva.com> | ||
* | ||
* @license GNU AGPL version 3 or any later version | ||
* | ||
* This program is free software: you can redistribute it and/or modify | ||
* it under the terms of the GNU Affero General Public License as | ||
* published by the Free Software Foundation, either version 3 of the | ||
* License, or (at your option) any later version. | ||
* | ||
* This program is distributed in the hope that it will be useful, | ||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | ||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
* GNU Affero General Public License for more details. | ||
* | ||
* You should have received a copy of the GNU Affero General Public License | ||
* along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
* | ||
*/ | ||
namespace OCA\Spreed\Tests\php; | ||
|
||
use OCA\Spreed\Config; | ||
use OCP\AppFramework\Utility\ITimeFactory; | ||
use OCP\IConfig; | ||
use OCP\Security\IHasher; | ||
use OCP\Security\ISecureRandom; | ||
use Test\TestCase; | ||
|
||
class PasswordVerificationTest extends TestCase { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. missing database group: /**
* @group DB
*/ |
||
|
||
public function testVerifyPassword() { | ||
$dispatcher = \OC::$server->getEventDispatcher(); | ||
|
||
$dispatcher->addListener('OCA\Spreed\Room::verifyPassword', function(GenericEvent $event) { | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. missing import of
/drone/src/github.com/nextcloud/server/apps/spreed/tests/php/PasswordVerificationTest.php:35 |
||
$password = $event->getArgument('password'); | ||
$room = $event->getSubject(); | ||
$hasPassword = $room->hasPassword(); | ||
|
||
if ($password == "1234") { | ||
$event->setArgument('result', [ 'result' => true, 'url' => '']); | ||
} | ||
else { | ||
$event->setArgument('result', [ 'result' => false, 'url' => 'https://test']); | ||
} | ||
}); | ||
|
||
$secureRandom = \OC::$server->getSecureRandom(); | ||
$config = \OC::$server->getConfig(); | ||
|
||
$dbConnection = \OC::$server->getDatabaseConnection(); | ||
$dispatcher = \OC::$server->getEventDispatcher(); | ||
$manager = new Manager($dbConnection, $config, $secureRandom, $dispatcher, $this->createMock(IHasher::class)); | ||
$room = $manager->createPublicRoom(); | ||
$verificationResult = $room->verifyPassword('1234'); | ||
$this->assertSame($verificationResult, ['result' => true, 'url' => '']); | ||
$verificationResult = $room->verifyPassword('4321'); | ||
$this->assertSame($verificationResult, ['result' => false, 'url' => 'https://test']); | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
useless assignment