Merge pull request #17 from nextcloud/activities
publish activities when a device is added/removed
This commit is contained in:
Коммит
3321e0dc84
|
@ -24,4 +24,13 @@
|
||||||
<two-factor-providers>
|
<two-factor-providers>
|
||||||
<provider>OCA\TwoFactorU2F\Provider\U2FProvider</provider>
|
<provider>OCA\TwoFactorU2F\Provider\U2FProvider</provider>
|
||||||
</two-factor-providers>
|
</two-factor-providers>
|
||||||
|
|
||||||
|
<activity>
|
||||||
|
<settings>
|
||||||
|
<setting>OCA\TwoFactorU2F\Activity\Setting</setting>
|
||||||
|
</settings>
|
||||||
|
<providers>
|
||||||
|
<provider>OCA\TwoFactorU2F\Activity\Provider</provider>
|
||||||
|
</providers>
|
||||||
|
</activity>
|
||||||
</info>
|
</info>
|
||||||
|
|
|
@ -0,0 +1,80 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
*
|
||||||
|
* Two-factor U2F
|
||||||
|
*
|
||||||
|
* This code is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License, version 3,
|
||||||
|
* as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\TwoFactorU2F\Activity;
|
||||||
|
|
||||||
|
use InvalidArgumentException;
|
||||||
|
use OCP\Activity\IEvent;
|
||||||
|
use OCP\Activity\IProvider;
|
||||||
|
use OCP\ILogger;
|
||||||
|
use OCP\IURLGenerator;
|
||||||
|
use OCP\L10N\IFactory as L10nFactory;
|
||||||
|
|
||||||
|
class Provider implements IProvider {
|
||||||
|
|
||||||
|
/** @var L10nFactory */
|
||||||
|
private $l10n;
|
||||||
|
|
||||||
|
/** @var IURLGenerator */
|
||||||
|
private $urlGenerator;
|
||||||
|
|
||||||
|
/** @var ILogger */
|
||||||
|
private $logger;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param L10nFactory $l10n
|
||||||
|
* @param IURLGenerator $urlGenerator
|
||||||
|
* @param ILogger $logger
|
||||||
|
*/
|
||||||
|
public function __construct(L10nFactory $l10n, IURLGenerator $urlGenerator, ILogger $logger) {
|
||||||
|
$this->logger = $logger;
|
||||||
|
$this->urlGenerator = $urlGenerator;
|
||||||
|
$this->l10n = $l10n;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param string $language
|
||||||
|
* @param IEvent $event
|
||||||
|
* @param IEvent $previousEvent
|
||||||
|
* @return IEvent
|
||||||
|
* @throws InvalidArgumentException
|
||||||
|
*/
|
||||||
|
public function parse($language, IEvent $event, IEvent $previousEvent = null) {
|
||||||
|
if ($event->getApp() !== 'twofactor_u2f') {
|
||||||
|
throw new InvalidArgumentException();
|
||||||
|
}
|
||||||
|
|
||||||
|
$l = $this->l10n->get('twofactor_u2f', $language);
|
||||||
|
|
||||||
|
$event->setIcon($this->urlGenerator->getAbsoluteURL($this->urlGenerator->imagePath('core', 'actions/password.svg')));
|
||||||
|
switch ($event->getSubject()) {
|
||||||
|
case 'u2f_device_added':
|
||||||
|
$event->setSubject($l->t('You added an U2F hardware token'));
|
||||||
|
break;
|
||||||
|
case 'u2f_device_removed':
|
||||||
|
$event->setSubject($l->t('You removed an U2F hardware token'));
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return $event;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,89 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
*
|
||||||
|
* Two-factor U2F
|
||||||
|
*
|
||||||
|
* This code is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License, version 3,
|
||||||
|
* as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\TwoFactorU2F\Activity;
|
||||||
|
|
||||||
|
use OCP\Activity\ISetting;
|
||||||
|
use OCP\IL10N;
|
||||||
|
|
||||||
|
class Setting implements ISetting {
|
||||||
|
|
||||||
|
/** @var IL10N */
|
||||||
|
private $l10n;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @param IL10N $l10n
|
||||||
|
*/
|
||||||
|
public function __construct(IL10N $l10n) {
|
||||||
|
$this->l10n = $l10n;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public function canChangeMail() {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public function canChangeStream() {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public function getIdentifier() {
|
||||||
|
return 'twofactor_u2f';
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
public function getName() {
|
||||||
|
return $this->l10n->t('U2F device');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return int
|
||||||
|
*/
|
||||||
|
public function getPriority() {
|
||||||
|
return 30;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public function isDefaultEnabledMail() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return boolean
|
||||||
|
*/
|
||||||
|
public function isDefaultEnabledStream() {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -15,13 +15,12 @@ namespace OCA\TwoFactorU2F\Service;
|
||||||
require_once(__DIR__ . '/../../vendor/yubico/u2flib-server/src/u2flib_server/U2F.php');
|
require_once(__DIR__ . '/../../vendor/yubico/u2flib-server/src/u2flib_server/U2F.php');
|
||||||
|
|
||||||
use InvalidArgumentException;
|
use InvalidArgumentException;
|
||||||
use OC;
|
|
||||||
use OCA\TwoFactorU2F\Db\Registration;
|
use OCA\TwoFactorU2F\Db\Registration;
|
||||||
use OCA\TwoFactorU2F\Db\RegistrationMapper;
|
use OCA\TwoFactorU2F\Db\RegistrationMapper;
|
||||||
|
use OCP\Activity\IManager;
|
||||||
use OCP\ILogger;
|
use OCP\ILogger;
|
||||||
use OCP\IRequest;
|
use OCP\IRequest;
|
||||||
use OCP\ISession;
|
use OCP\ISession;
|
||||||
use OCP\IURLGenerator;
|
|
||||||
use OCP\IUser;
|
use OCP\IUser;
|
||||||
use u2flib_server\Error;
|
use u2flib_server\Error;
|
||||||
use u2flib_server\U2F;
|
use u2flib_server\U2F;
|
||||||
|
@ -40,11 +39,15 @@ class U2FManager {
|
||||||
/** @var IRequest */
|
/** @var IRequest */
|
||||||
private $request;
|
private $request;
|
||||||
|
|
||||||
public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request) {
|
/** @var IManager */
|
||||||
|
private $activityManager;
|
||||||
|
|
||||||
|
public function __construct(RegistrationMapper $mapper, ISession $session, ILogger $logger, IRequest $request, IManager $activityManager) {
|
||||||
$this->mapper = $mapper;
|
$this->mapper = $mapper;
|
||||||
$this->session = $session;
|
$this->session = $session;
|
||||||
$this->logger = $logger;
|
$this->logger = $logger;
|
||||||
$this->request = $request;
|
$this->request = $request;
|
||||||
|
$this->activityManager = $activityManager;
|
||||||
}
|
}
|
||||||
|
|
||||||
private function getU2f() {
|
private function getU2f() {
|
||||||
|
@ -69,6 +72,7 @@ class U2FManager {
|
||||||
// TODO: use single query instead
|
// TODO: use single query instead
|
||||||
foreach ($this->mapper->findRegistrations($user) as $registration) {
|
foreach ($this->mapper->findRegistrations($user) as $registration) {
|
||||||
$this->mapper->delete($registration);
|
$this->mapper->delete($registration);
|
||||||
|
$this->publishEvent($user, 'u2f_device_removed');
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -107,10 +111,27 @@ class U2FManager {
|
||||||
$registration->setCertificate($reg->certificate);
|
$registration->setCertificate($reg->certificate);
|
||||||
$registration->setCounter($reg->counter);
|
$registration->setCounter($reg->counter);
|
||||||
$this->mapper->insert($registration);
|
$this->mapper->insert($registration);
|
||||||
|
$this->publishEvent($user, 'u2f_device_added');
|
||||||
|
|
||||||
$this->logger->debug(json_encode($reg));
|
$this->logger->debug(json_encode($reg));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Push an U2F event the user's activity stream
|
||||||
|
*
|
||||||
|
* @param IUser $user
|
||||||
|
* @param string $event
|
||||||
|
*/
|
||||||
|
private function publishEvent(IUser $user, $event) {
|
||||||
|
$activity = $this->activityManager->generateEvent();
|
||||||
|
$activity->setApp('twofactor_u2f')
|
||||||
|
->setType('twofactor')
|
||||||
|
->setAuthor($user->getUID())
|
||||||
|
->setAffectedUser($user->getUID());
|
||||||
|
$activity->setSubject($event);
|
||||||
|
$this->activityManager->publish($activity);
|
||||||
|
}
|
||||||
|
|
||||||
public function startAuthenticate(IUser $user) {
|
public function startAuthenticate(IUser $user) {
|
||||||
$u2f = $this->getU2f();
|
$u2f = $this->getU2f();
|
||||||
$reqs = $u2f->getAuthenticateData($this->getRegistrations($user));
|
$reqs = $u2f->getAuthenticateData($this->getRegistrations($user));
|
||||||
|
|
|
@ -1,7 +1,22 @@
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.bootstrap_2e_create_2e_tests=false
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.bootstrap_2e_enabled=false
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.bootstrap_2e_path=
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.configuration_2e_enabled=true
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.configuration_2e_path=tests/phpunit.xml
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.customSuite_2e_enabled=false
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.customSuite_2e_path=
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.phpUnit_2e_enabled=false
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.phpUnit_2e_path=
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.test_2e_groups_2e_ask=false
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.test_2e_run_2e_all=false
|
||||||
|
auxiliary.org-netbeans-modules-php-phpunit.test_2e_run_2e_phpunit_2e_only=false
|
||||||
|
file.reference.twofactor_u2f-tests=tests
|
||||||
include.path=${php.global.include.path}
|
include.path=${php.global.include.path}
|
||||||
php.version=PHP_54
|
php.version=PHP_56
|
||||||
source.encoding=UTF-8
|
source.encoding=UTF-8
|
||||||
src.dir=.
|
src.dir=.
|
||||||
tags.asp=false
|
tags.asp=false
|
||||||
tags.short=false
|
tags.short=false
|
||||||
|
test.src.dir=${file.reference.twofactor_u2f-tests}
|
||||||
|
testing.providers=PhpUnit
|
||||||
web.root=.
|
web.root=.
|
||||||
|
|
|
@ -1,7 +0,0 @@
|
||||||
<phpunit bootstrap="tests/bootstrap.php" colors="true">
|
|
||||||
<testsuites>
|
|
||||||
<testsuite name="integration">
|
|
||||||
<directory>./tests/integration</directory>
|
|
||||||
</testsuite>
|
|
||||||
</testsuites>
|
|
||||||
</phpunit>
|
|
|
@ -1,7 +0,0 @@
|
||||||
<phpunit bootstrap="tests/bootstrap.php" colors="true">
|
|
||||||
<testsuites>
|
|
||||||
<testsuite name="unit">
|
|
||||||
<directory>./tests/unit</directory>
|
|
||||||
</testsuite>
|
|
||||||
</testsuites>
|
|
||||||
</phpunit>
|
|
|
@ -6,7 +6,7 @@
|
||||||
timeoutForLargeTests="900"
|
timeoutForLargeTests="900"
|
||||||
>
|
>
|
||||||
<testsuite name="U2F app tests">
|
<testsuite name="U2F app tests">
|
||||||
<directory suffix="test.php">.</directory>
|
<directory suffix="Test.php">.</directory>
|
||||||
</testsuite>
|
</testsuite>
|
||||||
</phpunit>
|
</phpunit>
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,112 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
*
|
||||||
|
* Two-factor U2F
|
||||||
|
*
|
||||||
|
* This code is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License, version 3,
|
||||||
|
* as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\TwoFactorU2F\Test\Unit\Activity;
|
||||||
|
|
||||||
|
use InvalidArgumentException;
|
||||||
|
use OCA\TwoFactorU2F\Activity\Provider;
|
||||||
|
use OCP\Activity\IEvent;
|
||||||
|
use OCP\IL10N;
|
||||||
|
use OCP\ILogger;
|
||||||
|
use OCP\IURLGenerator;
|
||||||
|
use OCP\L10N\IFactory;
|
||||||
|
use Test\TestCase;
|
||||||
|
|
||||||
|
class ProviderTest extends TestCase {
|
||||||
|
|
||||||
|
private $l10n;
|
||||||
|
private $urlGenerator;
|
||||||
|
private $logger;
|
||||||
|
|
||||||
|
/** @var Provider */
|
||||||
|
private $provider;
|
||||||
|
|
||||||
|
protected function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
|
||||||
|
$this->l10n = $this->createMock(IFactory::class);
|
||||||
|
$this->urlGenerator = $this->createMock(IURLGenerator::class);
|
||||||
|
$this->logger = $this->createMock(ILogger::class);
|
||||||
|
|
||||||
|
$this->provider = new Provider($this->l10n, $this->urlGenerator, $this->logger);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testParseUnrelated() {
|
||||||
|
$lang = 'ru';
|
||||||
|
$event = $this->createMock(IEvent::class);
|
||||||
|
$event->expects($this->once())
|
||||||
|
->method('getApp')
|
||||||
|
->will($this->returnValue('comments'));
|
||||||
|
$this->setExpectedException(InvalidArgumentException::class);
|
||||||
|
|
||||||
|
$this->provider->parse($lang, $event);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function subjectData() {
|
||||||
|
return [
|
||||||
|
['u2f_device_added'],
|
||||||
|
['u2f_device_removed'],
|
||||||
|
[null],
|
||||||
|
];
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @dataProvider subjectData
|
||||||
|
*/
|
||||||
|
public function testParse($subject) {
|
||||||
|
$lang = 'ru';
|
||||||
|
$event = $this->createMock(IEvent::class);
|
||||||
|
$l = $this->createMock(IL10N::class);
|
||||||
|
|
||||||
|
$event->expects($this->once())
|
||||||
|
->method('getApp')
|
||||||
|
->will($this->returnValue('twofactor_u2f'));
|
||||||
|
$this->l10n->expects($this->once())
|
||||||
|
->method('get')
|
||||||
|
->with('twofactor_u2f', $lang)
|
||||||
|
->will($this->returnValue($l));
|
||||||
|
$this->urlGenerator->expects($this->once())
|
||||||
|
->method('imagePath')
|
||||||
|
->with('core', 'actions/password.svg')
|
||||||
|
->will($this->returnValue('path/to/image'));
|
||||||
|
$this->urlGenerator->expects($this->once())
|
||||||
|
->method('getAbsoluteURL')
|
||||||
|
->with('path/to/image')
|
||||||
|
->will($this->returnValue('absolute/path/to/image'));
|
||||||
|
$event->expects($this->once())
|
||||||
|
->method('setIcon')
|
||||||
|
->with('absolute/path/to/image');
|
||||||
|
$event->expects($this->once())
|
||||||
|
->method('getSubject')
|
||||||
|
->will($this->returnValue($subject));
|
||||||
|
if (is_null($subject)) {
|
||||||
|
$event->expects($this->never())
|
||||||
|
->method('setSubject');
|
||||||
|
} else {
|
||||||
|
$event->expects($this->once())
|
||||||
|
->method('setSubject');
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->provider->parse($lang, $event);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
|
@ -0,0 +1,58 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @author Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
* @copyright Copyright (c) 2016 Christoph Wurst <christoph@winzerhof-wurst.at>
|
||||||
|
*
|
||||||
|
* Two-factor U2F
|
||||||
|
*
|
||||||
|
* This code is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License, version 3,
|
||||||
|
* as published by the Free Software Foundation.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License, version 3,
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OCA\TwoFactorU2F\Test\Unit\Activity;
|
||||||
|
|
||||||
|
use OCA\TwoFactorU2F\Activity\Setting;
|
||||||
|
use OCP\IL10N;
|
||||||
|
use Test\TestCase;
|
||||||
|
|
||||||
|
class SettingTest extends TestCase {
|
||||||
|
|
||||||
|
private $l10n;
|
||||||
|
|
||||||
|
/** @var Setting */
|
||||||
|
private $setting;
|
||||||
|
|
||||||
|
protected function setUp() {
|
||||||
|
parent::setUp();
|
||||||
|
|
||||||
|
$this->l10n = $this->createMock(IL10N::class);
|
||||||
|
|
||||||
|
$this->setting = new Setting($this->l10n);
|
||||||
|
}
|
||||||
|
|
||||||
|
public function testAll() {
|
||||||
|
$this->assertEquals(false, $this->setting->canChangeMail());
|
||||||
|
$this->assertEquals(false, $this->setting->canChangeStream());
|
||||||
|
$this->assertEquals('twofactor_u2f', $this->setting->getIdentifier());
|
||||||
|
$this->l10n->expects($this->once())
|
||||||
|
->method('t')
|
||||||
|
->with('U2F device')
|
||||||
|
->will($this->returnValue('U2F Gerät'));
|
||||||
|
$this->assertEquals('U2F Gerät', $this->setting->getName());
|
||||||
|
$this->assertEquals(30, $this->setting->getPriority());
|
||||||
|
$this->assertEquals(true, $this->setting->isDefaultEnabledMail());
|
||||||
|
$this->assertEquals(true, $this->setting->isDefaultEnabledStream());
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Загрузка…
Ссылка в новой задаче