refactor(federation): Replace security annotations with respective at…
…tributes

Signed-off-by: provokateurin <[email protected]>
provokateurin committed Jul 27, 2024
1 parent 212a621 commit fb56bfe
Showing 2 changed files with 20 additions and 20 deletions.
31 changes: 15 additions & 16 deletions apps/federation/lib/Controller/OCSAuthAPIController.php
Expand Up @@ -10,7 +10,10 @@
use OCA\Federation\DbHandler;
use OCA\Federation\TrustedServers;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\BruteForceProtection;
use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
use OCP\AppFramework\Http\Attribute\OpenAPI;
use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\OCS\OCSForbiddenException;
use OCP\AppFramework\OCSController;
Expand Down Expand Up @@ -63,17 +66,16 @@ public function __construct(
/**
* Request received to ask remote server for a shared secret, for legacy end-points
*
* @NoCSRFRequired
* @PublicPage
* @BruteForceProtection(action=federationSharedSecret)
*
* @param string $url URL of the server
* @param string $token Token of the server
* @return DataResponse<Http::STATUS_OK, array<empty>, array{}>
* @throws OCSForbiddenException Requesting shared secret is not allowed
*
* 200: Shared secret requested successfully
*/
#[NoCSRFRequired]
#[PublicPage]
BruteForceProtection(action: 'federationSharedSecret')]

Check failure

Code scanning / Psalm

ParseError Error

Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 78

Check failure on line 78 in apps/federation/lib/Controller/OCSAuthAPIController.php


GitHub Actions / static-code-analysis

ParseError

apps/federation/lib/Controller/OCSAuthAPIController.php:78:2: ParseError: Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 78 (see https://psalm.dev/173)
public function requestSharedSecretLegacy(string $url, string $token): DataResponse {
return $this->requestSharedSecret($url, $token);
}
Expand All @@ -82,35 +84,33 @@ public function requestSharedSecretLegacy(string $url, string $token): DataRespo
/**
* Create shared secret and return it, for legacy end-points
*
* @NoCSRFRequired
* @PublicPage
* @BruteForceProtection(action=federationSharedSecret)
*
* @param string $url URL of the server
* @param string $token Token of the server
* @return DataResponse<Http::STATUS_OK, array{sharedSecret: string}, array{}>
* @throws OCSForbiddenException Getting shared secret is not allowed
*
* 200: Shared secret returned
*/
#[NoCSRFRequired]
#[PublicPage]
BruteForceProtection(action: 'federationSharedSecret')]

Check failure

Code scanning / Psalm

ParseError Error

Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 96

Check failure on line 96 in apps/federation/lib/Controller/OCSAuthAPIController.php


GitHub Actions / static-code-analysis

ParseError

apps/federation/lib/Controller/OCSAuthAPIController.php:96:2: ParseError: Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 96 (see https://psalm.dev/173)
public function getSharedSecretLegacy(string $url, string $token): DataResponse {
return $this->getSharedSecret($url, $token);
}

/**
* Request received to ask remote server for a shared secret
*
* @NoCSRFRequired
* @PublicPage
* @BruteForceProtection(action=federationSharedSecret)
*
* @param string $url URL of the server
* @param string $token Token of the server
* @return DataResponse<Http::STATUS_OK, array<empty>, array{}>
* @throws OCSForbiddenException Requesting shared secret is not allowed
*
* 200: Shared secret requested successfully
*/
#[NoCSRFRequired]
#[PublicPage]
BruteForceProtection(action: 'federationSharedSecret')]

Check failure

Code scanning / Psalm

ParseError Error

Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 113

Check failure on line 113 in apps/federation/lib/Controller/OCSAuthAPIController.php


GitHub Actions / static-code-analysis

ParseError

apps/federation/lib/Controller/OCSAuthAPIController.php:113:2: ParseError: Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 113 (see https://psalm.dev/173)
public function requestSharedSecret(string $url, string $token): DataResponse {
if ($this->trustedServers->isTrustedServer($url) === false) {
$this->throttler->registerAttempt('federationSharedSecret', $this->request->getRemoteAddress());
Expand Down Expand Up @@ -144,17 +144,16 @@ public function requestSharedSecret(string $url, string $token): DataResponse {
/**
* Create shared secret and return it
*
* @NoCSRFRequired
* @PublicPage
* @BruteForceProtection(action=federationSharedSecret)
*
* @param string $url URL of the server
* @param string $token Token of the server
* @return DataResponse<Http::STATUS_OK, array{sharedSecret: string}, array{}>
* @throws OCSForbiddenException Getting shared secret is not allowed
*
* 200: Shared secret returned
*/
#[NoCSRFRequired]
#[PublicPage]
BruteForceProtection(action: 'federationSharedSecret')]

Check failure

Code scanning / Psalm

ParseError Error

Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 156

Check failure on line 156 in apps/federation/lib/Controller/OCSAuthAPIController.php


GitHub Actions / static-code-analysis

ParseError

apps/federation/lib/Controller/OCSAuthAPIController.php:156:2: ParseError: Syntax error, unexpected T_STRING, expecting T_FUNCTION or T_CONST on line 156 (see https://psalm.dev/173)
public function getSharedSecret(string $url, string $token): DataResponse {
if ($this->trustedServers->isTrustedServer($url) === false) {
$this->throttler->registerAttempt('federationSharedSecret', $this->request->getRemoteAddress());
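Review bot: The throttle action name is now a bare string literal repeated in each of the four `BruteForceProtection(action: 'federationSharedSecret')` attribute lines and again in the `registerAttempt('federationSharedSecret', …)` calls of `requestSharedSecret` and `getSharedSecret`, so a typo in any one of them would silently detach the recorded attempts from the delay that is applied. These endpoints are `#[PublicPage]` and `#[NoCSRFRequired]`, which makes the brute-force throttle the only limit visible here on unauthenticated callers. Attributes accept constant expressions, unlike the old docblock annotations, so I would define one class constant (the name is only a suggestion), `private const THROTTLE_ACTION = 'federationSharedSecret';`, and reference it in both places, e.g. `action: self::THROTTLE_ACTION`. The bodies of `requestSharedSecret` and `getSharedSecret` continue outside the displayed hunks, so further uses of the literal may exist there.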
9 changes: 5 additions & 4 deletions apps/federation/lib/Controller/SettingsController.php
Expand Up @@ -7,8 +7,10 @@
*/
namespace OCA\Federation\Controller;

use OCA\Federation\Settings\Admin;
use OCA\Federation\TrustedServers;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http\Attribute\AuthorizedAdminSetting;
use OCP\AppFramework\Http\DataResponse;
use OCP\HintException;
use OCP\IL10N;
Expand All @@ -32,9 +34,9 @@ public function __construct(string $AppName,
/**
* Add server to the list of trusted Nextclouds.
*
* @AuthorizedAdminSetting(settings=OCA\Federation\Settings\Admin)
* @throws HintException
*/
#[AuthorizedAdminSetting(settings: Admin::class)]
public function addServer(string $url): DataResponse {
$this->checkServer($url);
$id = $this->trustedServers->addServer($url);
Expand All @@ -48,9 +50,8 @@ public function addServer(string $url): DataResponse {

/**
* Add server to the list of trusted Nextclouds.
*
* @AuthorizedAdminSetting(settings=OCA\Federation\Settings\Admin)
*/
#[AuthorizedAdminSetting(settings: Admin::class)]
public function removeServer(int $id): DataResponse {
$this->trustedServers->removeServer($id);
return new DataResponse();
Expand All @@ -59,9 +60,9 @@ public function removeServer(int $id): DataResponse {
/**
* Check if the server should be added to the list of trusted servers or not.
*
* @AuthorizedAdminSetting(settings=OCA\Federation\Settings\Admin)
* @throws HintException
*/
#[AuthorizedAdminSetting(settings: Admin::class)]
protected function checkServer(string $url): bool {
if ($this->trustedServers->isTrustedServer($url) === true) {
$message = 'Server is already in the list of trusted servers.';
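Review bot: `#[AuthorizedAdminSetting(settings: Admin::class)]` on `protected function checkServer` probably has no effect. The authorization check is presumably applied to the controller method a request is dispatched to, and a protected helper is not such a target, so the check that matters here is the one on `addServer`, which calls it. Carrying the attribute over from the old annotation keeps a marker that reads like an access check but likely never runs; I would drop it from `checkServer` or replace it with a comment such as `// Not a routed action; authorization is enforced on addServer().`. Separately, the docblock kept above `removeServer` still says "Add server to the list of trusted Nextclouds." and should read `Remove server from the list of trusted Nextclouds.`. The bodies of `addServer` and `checkServer` continue outside the displayed hunks.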
