Fix return codes and messages
Signed-off-by: Joas Schilling <coding@schilljs.com>
nickvergessen committed Jan 26, 2017
1 parent ec710f6 commit faccadc
Showing 2 changed files with 16 additions and 19 deletions.
3 changes: 2 additions & 1 deletion appinfo/database.xml
@@ -138,8 +138,9 @@
</field>
<field>
<name>devicepublickey</name>
<type>clob</type>
<type>text</type>
<notnull>true</notnull>
<length>512</length>
</field>
<field>
<name>devicepublickeyhash</name>
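Review bot: The 512-character limit on `devicepublickey` is only safe because PushController rejects any key that is not exactly 450 characters, and nothing in the schema records that dependency. That length is consistent with a PEM-encoded 2048-bit RSA public key, so accepting a larger key later would need this column widened first. Depending on the database and its mode, an oversized value may be truncated rather than rejected. I would add a comment above the field such as `<!-- PEM public key; PushController accepts exactly 450 characters, keep length in sync -->`. Whether existing installs pick up the type change depends on an app version bump that is not visible in this section.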
32 changes: 14 additions & 18 deletions lib/Controller/PushController.php
@@ -24,7 +24,6 @@
use OC\Authentication\Exceptions\InvalidTokenException;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
use OC\Security\IdentityProof\Crypto;
use OC\Security\IdentityProof\Manager;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse;
@@ -53,9 +52,6 @@ class PushController extends OCSController {
/** @var Manager */
private $identityProof;

/** @var Crypto */
private $crypto;

/**
* @param string $appName
* @param IRequest $request
@@ -64,17 +60,15 @@ class PushController extends OCSController {
* @param IUserSession $userSession
* @param IProvider $tokenProvider
* @param Manager $identityProof
* @param Crypto $crypto
*/
public function __construct($appName, IRequest $request, IDBConnection $db, ISession $session, IUserSession $userSession, IProvider $tokenProvider, Manager $identityProof, Crypto $crypto) {
public function __construct($appName, IRequest $request, IDBConnection $db, ISession $session, IUserSession $userSession, IProvider $tokenProvider, Manager $identityProof) {
parent::__construct($appName, $request);

$this->db = $db;
$this->session = $session;
$this->userSession = $userSession;
$this->tokenProvider = $tokenProvider;
$this->identityProof = $identityProof;
$this->crypto = $crypto;
}

/**
@@ -92,35 +86,37 @@ public function registerDevice($pushTokenHash, $devicePublicKey) {
}

if (!preg_match('/^([a-f0-9]{128})$/', $pushTokenHash)) {
return new JSONResponse(['message' => 'Invalid hashed push token'], Http::STATUS_BAD_REQUEST);
return new JSONResponse(['message' => 'INVALID_PUSHTOKEN_HASH'], Http::STATUS_BAD_REQUEST);
}

if (strlen($devicePublicKey) !== 450 ||
strpos($devicePublicKey, '-----BEGIN PUBLIC KEY-----') !== 0 ||
strpos($devicePublicKey, '-----END PUBLIC KEY-----') !== 426) {
return new JSONResponse(['message' => 'Invalid device public key'], Http::STATUS_BAD_REQUEST);
return new JSONResponse(['message' => 'INVALID_DEVICE_KEY'], Http::STATUS_BAD_REQUEST);
}

$tokenId = $this->session->get('token-id');
try {
$token = $this->tokenProvider->getTokenById($tokenId);
} catch (InvalidTokenException $e) {
return new JSONResponse(['message' => 'Could not identify session token'], Http::STATUS_BAD_REQUEST);
return new JSONResponse(['message' => 'INVALID_SESSION_TOKEN'], Http::STATUS_BAD_REQUEST);
}

$key = $this->identityProof->getKey($user);

try {
$created = $this->savePushToken($user, $token, $devicePublicKey, $pushTokenHash);
} catch (\BadMethodCallException $e) {
return new JSONResponse(['message' => 'Invalid device public key'], Http::STATUS_BAD_REQUEST);
return new JSONResponse(['message' => 'INVALID_DEVICE_KEY'], Http::STATUS_BAD_REQUEST);
}

$encryptedData = $this->crypto->encrypt(sha1(json_encode([$user->getCloudId(), $token->getId()])), $user);
$deviceIdentifier = hash('sha512', json_encode([$user->getCloudId(), $token->getId()]));
openssl_sign($deviceIdentifier, $signature, $key->getPrivate(), OPENSSL_ALGO_SHA512);

return new JSONResponse([
'publicKey' => $key->getPublic(),
'deviceIdentifier' => $encryptedData['message'],
'signature' => base64_encode($encryptedData['signature']),
'deviceIdentifier' => $deviceIdentifier,
'signature' => base64_encode($signature),
], $created ? Http::STATUS_CREATED : Http::STATUS_OK);
}

@@ -140,23 +136,23 @@ public function removeDevice($devicePublicKey) {
if (strlen($devicePublicKey) !== 450 ||
strpos($devicePublicKey, '-----BEGIN PUBLIC KEY-----') !== 0 ||
strpos($devicePublicKey, '-----END PUBLIC KEY-----') !== 426) {
return new JSONResponse(['message' => 'Invalid device public key'], Http::STATUS_BAD_REQUEST);
return new JSONResponse(['message' => 'INVALID_DEVICE_KEY'], Http::STATUS_BAD_REQUEST);
}

$sessionId = $this->session->getId();
try {
$token = $this->tokenProvider->getToken($sessionId);
} catch (InvalidTokenException $e) {
return new JSONResponse(['message' => 'Could not identify session token'], Http::STATUS_BAD_REQUEST);
return new JSONResponse(['message' => 'INVALID_SESSION_TOKEN'], Http::STATUS_BAD_REQUEST);
}

try {
$this->deletePushToken($user, $token, $devicePublicKey);
} catch (\BadMethodCallException $e) {
return new JSONResponse(['message' => 'Invalid device public key'], Http::STATUS_BAD_REQUEST);
return new JSONResponse(['message' => 'INVALID_DEVICE_KEY'], Http::STATUS_BAD_REQUEST);
}

return new JSONResponse();
return new JSONResponse([], Http::STATUS_ACCEPTED);
}

/**
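Review bot: The result of `openssl_sign()` in registerDevice is ignored, so if signing fails (for example because `$key->getPrivate()` is unusable), `$signature` is never assigned and the method still answers 200/201 with an empty `signature`, after savePushToken has already stored the device. The client is then left with a registration whose server identity it cannot verify. Check the return value and fail closed, e.g. `if (!openssl_sign($deviceIdentifier, $signature, $key->getPrivate(), OPENSSL_ALGO_SHA512)) { return new JSONResponse(['message' => 'SIGNING_FAILED'], Http::STATUS_INTERNAL_SERVER_ERROR); }` (the message string is a placeholder), ideally before the push token is saved. registerDevice begins above this hunk, so the earlier checks on `$user` are not visible here.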
