Fix state propragation of the backup codes provider

Starting with Nextcloud 14, the server knows the enabled/disabled state of 2fa providers. While it will query that information if it's unknown (on first use), it won't notice any changes. Thus, providers have to propagate that information themselves. Ref nextcloud/twofactor_totp#263 Ref nextcloud/twofactor_u2f#210 Signed-off-by: Christoph Wurst <[email protected]>
nextcloud · Jul 31, 2018 · 6afacad · 6afacad
1 parent eedfb0d
commit 6afacad
Show file tree

Hide file tree

Showing 12 changed files with 410 additions and 78 deletions.
diff --git a/apps/twofactor_backupcodes/composer/composer/autoload_classmap.php b/apps/twofactor_backupcodes/composer/composer/autoload_classmap.php
@@ -11,6 +11,10 @@
     'OCA\\TwoFactorBackupCodes\\Controller\\SettingsController' => $baseDir . '/../lib/Controller/SettingsController.php',
     'OCA\\TwoFactorBackupCodes\\Db\\BackupCode' => $baseDir . '/../lib/Db/BackupCode.php',
     'OCA\\TwoFactorBackupCodes\\Db\\BackupCodeMapper' => $baseDir . '/../lib/Db/BackupCodeMapper.php',
+    'OCA\\TwoFactorBackupCodes\\Event\\CodesGenerated' => $baseDir . '/../lib/Event/CodesGenerated.php',
+    'OCA\\TwoFactorBackupCodes\\Listener\\ActivityPublisher' => $baseDir . '/../lib/Listener/ActivityPublisher.php',
+    'OCA\\TwoFactorBackupCodes\\Listener\\IListener' => $baseDir . '/../lib/Listener/IListener.php',
+    'OCA\\TwoFactorBackupCodes\\Listener\\RegistryUpdater' => $baseDir . '/../lib/Listener/RegistryUpdater.php',
     'OCA\\TwoFactorBackupCodes\\Migration\\Version1002Date20170607104347' => $baseDir . '/../lib/Migration/Version1002Date20170607104347.php',
     'OCA\\TwoFactorBackupCodes\\Migration\\Version1002Date20170607113030' => $baseDir . '/../lib/Migration/Version1002Date20170607113030.php',
     'OCA\\TwoFactorBackupCodes\\Migration\\Version1002Date20170919123342' => $baseDir . '/../lib/Migration/Version1002Date20170919123342.php',

diff --git a/apps/twofactor_backupcodes/composer/composer/autoload_static.php b/apps/twofactor_backupcodes/composer/composer/autoload_static.php
@@ -26,6 +26,10 @@ class ComposerStaticInitTwoFactorBackupCodes
         'OCA\\TwoFactorBackupCodes\\Controller\\SettingsController' => __DIR__ . '/..' . '/../lib/Controller/SettingsController.php',
         'OCA\\TwoFactorBackupCodes\\Db\\BackupCode' => __DIR__ . '/..' . '/../lib/Db/BackupCode.php',
         'OCA\\TwoFactorBackupCodes\\Db\\BackupCodeMapper' => __DIR__ . '/..' . '/../lib/Db/BackupCodeMapper.php',
+        'OCA\\TwoFactorBackupCodes\\Event\\CodesGenerated' => __DIR__ . '/..' . '/../lib/Event/CodesGenerated.php',
+        'OCA\\TwoFactorBackupCodes\\Listener\\ActivityPublisher' => __DIR__ . '/..' . '/../lib/Listener/ActivityPublisher.php',
+        'OCA\\TwoFactorBackupCodes\\Listener\\IListener' => __DIR__ . '/..' . '/../lib/Listener/IListener.php',
+        'OCA\\TwoFactorBackupCodes\\Listener\\RegistryUpdater' => __DIR__ . '/..' . '/../lib/Listener/RegistryUpdater.php',
         'OCA\\TwoFactorBackupCodes\\Migration\\Version1002Date20170607104347' => __DIR__ . '/..' . '/../lib/Migration/Version1002Date20170607104347.php',
         'OCA\\TwoFactorBackupCodes\\Migration\\Version1002Date20170607113030' => __DIR__ . '/..' . '/../lib/Migration/Version1002Date20170607113030.php',
         'OCA\\TwoFactorBackupCodes\\Migration\\Version1002Date20170919123342' => __DIR__ . '/..' . '/../lib/Migration/Version1002Date20170919123342.php',

diff --git a/apps/twofactor_backupcodes/lib/AppInfo/Application.php b/apps/twofactor_backupcodes/lib/AppInfo/Application.php
@@ -1,8 +1,10 @@
 <?php
+
 /**
  * @copyright Copyright (c) 2017 Joas Schilling <[email protected]>
  *
  * @author Joas Schilling <[email protected]>
+ * @author Christoph Wurst <[email protected]>
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -24,11 +26,16 @@
 namespace OCA\TwoFactorBackupCodes\AppInfo;
 
 use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
+use OCA\TwoFactorBackupCodes\Event\CodesGenerated;
+use OCA\TwoFactorBackupCodes\Listener\ActivityPublisher;
+use OCA\TwoFactorBackupCodes\Listener\IListener;
+use OCA\TwoFactorBackupCodes\Listener\RegistryUpdater;
 use OCP\AppFramework\App;
 use OCP\Util;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 
 class Application extends App {
-	public function __construct () {
+	public function __construct() {
 		parent::__construct('twofactor_backupcodes');
 	}
 
@@ -44,6 +51,21 @@ public function register() {
 	 */
 	public function registerHooksAndEvents() {
 		Util::connectHook('OC_User', 'post_deleteUser', $this, 'deleteUser');
+
+		$container = $this->getContainer();
+		/** @var EventDispatcherInterface $eventDispatcher */
+		$eventDispatcher = $container->query(EventDispatcherInterface::class);
+		$eventDispatcher->addListener(CodesGenerated::class, function (CodesGenerated $event) use ($container) {
+			/** @var IListener[] $listeners */
+			$listeners = [
+				$container->query(ActivityPublisher::class),
+				$container->query(RegistryUpdater::class),
+			];
+
+			foreach ($listeners as $listener) {
+				$listener->handle($event);
+			}
+		});
 	}
 
 	public function deleteUser($params) {

diff --git a/apps/twofactor_backupcodes/lib/Event/CodesGenerated.php b/apps/twofactor_backupcodes/lib/Event/CodesGenerated.php
@@ -0,0 +1,46 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @author Christoph Wurst <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\TwoFactorBackupCodes\Event;
+
+use OCP\IUser;
+use Symfony\Component\EventDispatcher\Event;
+
+class CodesGenerated extends Event {
+
+	/** @var IUser */
+	private $user;
+
+	public function __construct(IUser $user) {
+		$this->user = $user;
+	}
+
+	/**
+	 * @return IUser
+	 */
+	public function getUser(): IUser {
+		return $this->user;
+	}
+
+}
diff --git a/apps/twofactor_backupcodes/lib/Listener/ActivityPublisher.php b/apps/twofactor_backupcodes/lib/Listener/ActivityPublisher.php
@@ -0,0 +1,49 @@
+<?php
+/**
+ * Created by PhpStorm.
+ * User: christoph
+ * Date: 31.07.18
+ * Time: 09:41
+ */
+
+namespace OCA\TwoFactorBackupCodes\Listener;
+
+use OCA\TwoFactorBackupCodes\Event\CodesGenerated;
+use OCP\Activity\IManager;
+use OCP\ILogger;
+use Symfony\Component\EventDispatcher\Event;
+
+class ActivityPublisher implements IListener {
+
+	/** @var IManager */
+	private $activityManager;
+
+	/** @var ILogger */
+	private $logger;
+
+	public function __construct(IManager $activityManager, ILogger $logger) {
+		$this->activityManager = $activityManager;
+		$this->logger = $logger;
+	}
+
+	/**
+	 * Push an event to the user's activity stream
+	 */
+	public function handle(Event $event) {
+		if ($event instanceof CodesGenerated) {
+			$activity = $this->activityManager->generateEvent();
+			$activity->setApp('twofactor_backupcodes')
+				->setType('security')
+				->setAuthor($event->getUser()->getUID())
+				->setAffectedUser($event->getUser()->getUID())
+				->setSubject('codes_generated');
+			try {
+				$this->activityManager->publish($activity);
+			} catch (BadMethodCallException $e) {
+				$this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
+				$this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
+			}
+		}
+	}
+
+}
diff --git a/apps/twofactor_backupcodes/lib/Listener/IListener.php b/apps/twofactor_backupcodes/lib/Listener/IListener.php
@@ -0,0 +1,33 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @author Christoph Wurst <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\TwoFactorBackupCodes\Listener;
+
+use Symfony\Component\EventDispatcher\Event;
+
+interface IListener {
+
+	public function handle(Event $event);
+
+}
diff --git a/apps/twofactor_backupcodes/lib/Listener/RegistryUpdater.php b/apps/twofactor_backupcodes/lib/Listener/RegistryUpdater.php
@@ -0,0 +1,50 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @author Christoph Wurst <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\TwoFactorBackupCodes\Listener;
+
+use OCA\TwoFactorBackupCodes\Event\CodesGenerated;
+use OCA\TwoFactorBackupCodes\Provider\BackupCodesProvider;
+use OCP\Authentication\TwoFactorAuth\IRegistry;
+use Symfony\Component\EventDispatcher\Event;
+
+class RegistryUpdater implements IListener {
+
+	/** @var IRegistry */
+	private $registry;
+
+	/** @var BackupCodesProvider */
+	private $provider;
+
+	public function __construct(IRegistry $registry, BackupCodesProvider $provider) {
+		$this->registry = $registry;
+		$this->provider = $provider;
+	}
+
+	public function handle(Event $event) {
+		if ($event instanceof CodesGenerated) {
+			$this->registry->enableProviderFor($this->provider, $event->getUser());
+		}
+	}
+}
diff --git a/apps/twofactor_backupcodes/lib/Service/BackupCodeStorage.php b/apps/twofactor_backupcodes/lib/Service/BackupCodeStorage.php
@@ -25,11 +25,13 @@
 use BadMethodCallException;
 use OCA\TwoFactorBackupCodes\Db\BackupCode;
 use OCA\TwoFactorBackupCodes\Db\BackupCodeMapper;
+use OCA\TwoFactorBackupCodes\Event\CodesGenerated;
 use OCP\Activity\IManager;
 use OCP\ILogger;
 use OCP\IUser;
 use OCP\Security\IHasher;
 use OCP\Security\ISecureRandom;
+use Symfony\Component\EventDispatcher\EventDispatcherInterface;
 
 class BackupCodeStorage {
 
@@ -44,26 +46,17 @@ class BackupCodeStorage {
 	/** @var ISecureRandom */
 	private $random;
 
-	/** @var IManager */
-	private $activityManager;
+	/** @var EventDispatcherInterface */
+	private $eventDispatcher;
 
-	/** @var ILogger */
-	private $logger;
-
-	/**
-	 * @param BackupCodeMapper $mapper
-	 * @param ISecureRandom $random
-	 * @param IHasher $hasher
-	 * @param IManager $activityManager
-	 * @param ILogger $logger
-	 */
-	public function __construct(BackupCodeMapper $mapper, ISecureRandom $random, IHasher $hasher,
-		IManager $activityManager, ILogger $logger) {
+	public function __construct(BackupCodeMapper $mapper,
+								ISecureRandom $random,
+								IHasher $hasher,
+								EventDispatcherInterface $eventDispatcher) {
 		$this->mapper = $mapper;
 		$this->hasher = $hasher;
 		$this->random = $random;
-		$this->activityManager = $activityManager;
-		$this->logger = $logger;
+		$this->eventDispatcher = $eventDispatcher;
 	}
 
 	/**
@@ -89,32 +82,11 @@ public function createCodes(IUser $user, $number = 10) {
 			$result[] = $code;
 		}
 
-		$this->publishEvent($user, 'codes_generated');
+		$this->eventDispatcher->dispatch(CodesGenerated::class, new CodesGenerated($user));
 
 		return $result;
 	}
 
-	/**
-	 * Push an event the user's activity stream
-	 *
-	 * @param IUser $user
-	 * @param string $event
-	 */
-	private function publishEvent(IUser $user, $event) {
-		$activity = $this->activityManager->generateEvent();
-		$activity->setApp('twofactor_backupcodes')
-			->setType('security')
-			->setAuthor($user->getUID())
-			->setAffectedUser($user->getUID())
-			->setSubject($event);
-		try {
-			$this->activityManager->publish($activity);
-		} catch (BadMethodCallException $e) {
-			$this->logger->warning('could not publish backup code creation activity', ['app' => 'twofactor_backupcodes']);
-			$this->logger->logException($e, ['app' => 'twofactor_backupcodes']);
-		}
-	}
-
 	/**
 	 * @param IUser $user
 	 * @return bool
@@ -133,7 +105,7 @@ public function getBackupCodesState(IUser $user) {
 		$total = count($codes);
 		$used = 0;
 		array_walk($codes, function (BackupCode $code) use (&$used) {
-			if (1 === (int) $code->getUsed()) {
+			if (1 === (int)$code->getUsed()) {
 				$used++;
 			}
 		});
@@ -153,7 +125,7 @@ public function validateCode(IUser $user, $code) {
 		$dbCodes = $this->mapper->getBackupCodes($user);
 
 		foreach ($dbCodes as $dbCode) {
-			if (0 === (int) $dbCode->getUsed() && $this->hasher->verify($code, $dbCode->getCode())) {
+			if (0 === (int)$dbCode->getUsed() && $this->hasher->verify($code, $dbCode->getCode())) {
 				$dbCode->setUsed(1);
 				$this->mapper->update($dbCode);
 				return true;

diff --git a/apps/twofactor_backupcodes/tests/Unit/Event/CodesGeneratedTest.php b/apps/twofactor_backupcodes/tests/Unit/Event/CodesGeneratedTest.php
@@ -0,0 +1,40 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @author Christoph Wurst <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\TwoFactorBackupCodes\Tests\Unit\Event;
+
+use OCA\TwoFactorBackupCodes\Event\CodesGenerated;
+use OCP\IUser;
+use Test\TestCase;
+
+class CodesGeneratedTest extends TestCase {
+
+	public function testCodeGeneratedEvent() {
+		$user = $this->createMock(IUser::class);
+
+		$event = new CodesGenerated($user);
+
+		$this->assertSame($user, $event->getUser());
+	}
+}