Always catch OCP versions of authentication exceptions
And always throw OC versions for BC Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
parent
67fba0a574
commit
eee9f1eec4
|
@ -28,8 +28,6 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OCA\OAuth2\Controller;
|
||||
|
||||
use OC\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Token\IProvider as TokenProvider;
|
||||
use OCA\OAuth2\Db\AccessTokenMapper;
|
||||
use OCA\OAuth2\Db\ClientMapper;
|
||||
|
@ -39,6 +37,8 @@ use OCP\AppFramework\Controller;
|
|||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\DB\Exception;
|
||||
use OCP\IRequest;
|
||||
use OCP\Security\Bruteforce\IThrottler;
|
||||
|
|
|
@ -26,10 +26,10 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OCA\OAuth2\Migration;
|
||||
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Token\IProvider as TokenProvider;
|
||||
use OCA\OAuth2\Db\AccessToken;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\IDBConnection;
|
||||
use OCP\Migration\IOutput;
|
||||
use OCP\Migration\IRepairStep;
|
||||
|
|
|
@ -32,10 +32,8 @@
|
|||
namespace OCA\Settings\Controller;
|
||||
|
||||
use BadMethodCallException;
|
||||
use OC\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException as OcInvalidTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Exceptions\WipeTokenException;
|
||||
use OC\Authentication\Token\INamedToken;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
|
@ -45,6 +43,9 @@ use OCP\Activity\IManager;
|
|||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\Exceptions\WipeTokenException;
|
||||
use OCP\IRequest;
|
||||
use OCP\ISession;
|
||||
use OCP\IUserSession;
|
||||
|
@ -292,7 +293,8 @@ class AuthSettingsController extends Controller {
|
|||
$token = $e->getToken();
|
||||
}
|
||||
if ($token->getUID() !== $this->uid) {
|
||||
throw new InvalidTokenException('This token does not belong to you!');
|
||||
/* We have to throw the OC version so both OC and OCP catches catch it */
|
||||
throw new OcInvalidTokenException('This token does not belong to you!');
|
||||
}
|
||||
return $token;
|
||||
}
|
||||
|
@ -305,7 +307,7 @@ class AuthSettingsController extends Controller {
|
|||
* @param int $id
|
||||
* @return JSONResponse
|
||||
* @throws InvalidTokenException
|
||||
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
|
||||
* @throws ExpiredTokenException
|
||||
*/
|
||||
public function wipe(int $id): JSONResponse {
|
||||
if ($this->checkAppToken()) {
|
||||
|
|
|
@ -25,12 +25,12 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OCA\Settings\Settings\Personal\Security;
|
||||
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Token\INamedToken;
|
||||
use OC\Authentication\Token\IProvider as IAuthTokenProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
use OCP\AppFramework\Http\TemplateResponse;
|
||||
use OCP\AppFramework\Services\IInitialState;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\ISession;
|
||||
use OCP\IUserSession;
|
||||
use OCP\Session\Exceptions\SessionNotAvailableException;
|
||||
|
|
|
@ -29,13 +29,13 @@ declare(strict_types=1);
|
|||
namespace OC\Core\Controller;
|
||||
|
||||
use OC\Authentication\Events\AppPasswordCreatedEvent;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\DataResponse;
|
||||
use OCP\AppFramework\OCS\OCSForbiddenException;
|
||||
use OCP\Authentication\Exceptions\CredentialsUnavailableException;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\Exceptions\PasswordUnavailableException;
|
||||
use OCP\Authentication\LoginCredentials\IStore;
|
||||
use OCP\EventDispatcher\IEventDispatcher;
|
||||
|
|
|
@ -33,7 +33,7 @@
|
|||
namespace OC\Core\Controller;
|
||||
|
||||
use OC\Authentication\Events\AppPasswordCreatedEvent;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException as OcInvalidTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
|
@ -47,6 +47,7 @@ use OCP\AppFramework\Http\Attribute\UseSession;
|
|||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Http\StandaloneTemplateResponse;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Defaults;
|
||||
use OCP\EventDispatcher\IEventDispatcher;
|
||||
use OCP\IL10N;
|
||||
|
@ -331,7 +332,7 @@ class ClientFlowLoginController extends Controller {
|
|||
try {
|
||||
$token = $this->tokenProvider->getToken($password);
|
||||
if ($token->getLoginName() !== $user) {
|
||||
throw new InvalidTokenException('login name does not match');
|
||||
throw new OcInvalidTokenException('login name does not match');
|
||||
}
|
||||
} catch (InvalidTokenException $e) {
|
||||
$response = new StandaloneTemplateResponse(
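Review bot: The `throw new OcInvalidTokenException('login name does not match');` inside this try has no comment explaining why the OC alias is thrown while `catch (InvalidTokenException $e)` now resolves to the OCP class. The catch only matches if the OC exception extends the OCP one, and that hierarchy is not visible in this diff. AuthSettingsController documents the intent at its throw site; the same line, `/* We have to throw the OC version so both OC and OCP catches catch it */`, should precede the throw here, in ClientFlowLoginV2Controller, and at both throws in Token\Manager. Without it, a later cleanup that switches the throw to the OCP class looks harmless but would presumably stop callers that still catch the OC class from seeing the login-name mismatch. The try/catch continues outside the hunk.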
|
||||
|
|
|
@ -27,7 +27,7 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OC\Core\Controller;
|
||||
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException as OcInvalidTokenException;
|
||||
use OC\Core\Db\LoginFlowV2;
|
||||
use OC\Core\Exception\LoginFlowV2NotFoundException;
|
||||
use OC\Core\Service\LoginFlowV2Service;
|
||||
|
@ -40,6 +40,7 @@ use OCP\AppFramework\Http\JSONResponse;
|
|||
use OCP\AppFramework\Http\RedirectResponse;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Http\StandaloneTemplateResponse;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Defaults;
|
||||
use OCP\IL10N;
|
||||
use OCP\IRequest;
|
||||
|
@ -211,7 +212,7 @@ class ClientFlowLoginV2Controller extends Controller {
|
|||
try {
|
||||
$token = \OC::$server->get(\OC\Authentication\Token\IProvider::class)->getToken($password);
|
||||
if ($token->getLoginName() !== $user) {
|
||||
throw new InvalidTokenException('login name does not match');
|
||||
throw new OcInvalidTokenException('login name does not match');
|
||||
}
|
||||
} catch (InvalidTokenException $e) {
|
||||
$response = new StandaloneTemplateResponse(
|
||||
|
|
|
@ -26,11 +26,11 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OC\Core\Controller;
|
||||
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Token\RemoteWipe;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http;
|
||||
use OCP\AppFramework\Http\JSONResponse;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\IRequest;
|
||||
|
||||
class WipeController extends Controller {
|
||||
|
|
|
@ -26,7 +26,6 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OC\Core\Service;
|
||||
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OC\Authentication\Token\IToken;
|
||||
|
@ -37,6 +36,7 @@ use OC\Core\Db\LoginFlowV2Mapper;
|
|||
use OC\Core\Exception\LoginFlowV2NotFoundException;
|
||||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\IConfig;
|
||||
use OCP\Security\ICrypto;
|
||||
use OCP\Security\ISecureRandom;
|
||||
|
|
|
@ -26,10 +26,10 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OC\Authentication\LoginCredentials;
|
||||
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OCP\Authentication\Exceptions\CredentialsUnavailableException;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\LoginCredentials\ICredentials;
|
||||
use OCP\Authentication\LoginCredentials\IStore;
|
||||
use OCP\ISession;
|
||||
|
|
|
@ -28,10 +28,11 @@ declare(strict_types=1);
|
|||
namespace OC\Authentication\Token;
|
||||
|
||||
use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
|
||||
use OC\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Exceptions\WipeTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException as OcInvalidTokenException;
|
||||
use OCP\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OCP\Authentication\Exceptions\WipeTokenException;
|
||||
use OCP\Authentication\Token\IProvider as OCPIProvider;
|
||||
|
||||
class Manager implements IProvider, OCPIProvider {
|
||||
|
@ -221,7 +222,7 @@ class Manager implements IProvider, OCPIProvider {
|
|||
return $this->publicKeyTokenProvider->rotate($token, $oldTokenId, $newTokenId);
|
||||
}
|
||||
|
||||
throw new InvalidTokenException();
|
||||
throw new OcInvalidTokenException();
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -233,7 +234,7 @@ class Manager implements IProvider, OCPIProvider {
|
|||
if ($token instanceof PublicKeyToken) {
|
||||
return $this->publicKeyTokenProvider;
|
||||
}
|
||||
throw new InvalidTokenException();
|
||||
throw new OcInvalidTokenException();
|
||||
}
|
||||
|
||||
|
||||
|
|
|
@ -29,8 +29,8 @@ namespace OC\Authentication\Token;
|
|||
|
||||
use OC\Authentication\Events\RemoteWipeFinished;
|
||||
use OC\Authentication\Events\RemoteWipeStarted;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\WipeTokenException;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\Exceptions\WipeTokenException;
|
||||
use OCP\EventDispatcher\IEventDispatcher;
|
||||
use OCP\IUser;
|
||||
use Psr\Log\LoggerInterface;
|
||||
|
|
|
@ -29,10 +29,10 @@ namespace OC\Authentication\TwoFactorAuth;
|
|||
|
||||
use BadMethodCallException;
|
||||
use Exception;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Token\IProvider as TokenProvider;
|
||||
use OCP\Activity\IManager;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
|
||||
use OCP\Authentication\TwoFactorAuth\IProvider;
|
||||
use OCP\Authentication\TwoFactorAuth\IRegistry;
|
||||
|
|
|
@ -33,8 +33,8 @@ declare(strict_types=1);
|
|||
*/
|
||||
namespace OC\Session;
|
||||
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Session\Exceptions\SessionNotAvailableException;
|
||||
|
||||
/**
|
||||
|
|
|
@ -39,8 +39,6 @@
|
|||
namespace OC\User;
|
||||
|
||||
use OC;
|
||||
use OC\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OC\Authentication\Exceptions\InvalidTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordlessTokenException;
|
||||
use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
|
||||
use OC\Authentication\Token\IProvider;
|
||||
|
@ -51,6 +49,8 @@ use OC_User;
|
|||
use OC_Util;
|
||||
use OCA\DAV\Connector\Sabre\Auth;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\ExpiredTokenException;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\EventDispatcher\GenericEvent;
|
||||
use OCP\EventDispatcher\IEventDispatcher;
|
||||
use OCP\Files\NotPermittedException;
|
||||
|
|