App specific token_auths #15410
Changes from all commits
eb45511
a0814b0
4bfd018
08cc438
d7fa33c
c212987
ca8bdab
ea2339f
1800e2e
d709b22
1f9ce60
b176c12
a08aa7d
220cc33
7e7978f
e5182e0
7ff807f
a60b09d
1816b51
360a013
63dc654
370f8f1
c2d1078
d4c6597
dfe6105
f7671d8
99e87dc
0db3f81
4afd872
4ab8368
924d383
e9032e1
6dfe810
871532b
67eb22a
4369b5b
690a4f2
2ec880f
bac6357
e5bfa31
ab0ebe0
f42e9fb
7df5a0f
6be4fe2
083d9e6
84dca33
888384d
78d8a28
fae64eb
faefb00
0e0cdcf
c0bb59f
0534cb0
60180bc
ba4ad0d
1500628
6ef19d7
dfde586
47095a9
0e6a68a
c437d74
be0160c
d44fd51
ffb8651
5a85558
065c0ed
d10fc52
1b42ee5
19e24b0
e9438d7
@@ -16,6 +16,7 @@ | |
use Piwik\Period\Week; | ||
use Piwik\Period\Year; | ||
use Piwik\Plugins\UsersManager\API as APIUsersManager; | ||
use Piwik\Plugins\UsersManager\Model; | ||
use Piwik\Translation\Translator; | ||
|
||
/** | ||
|
@@ -257,6 +258,51 @@ public static function checkUserHasSuperUserAccessOrIsTheUser($theUser) | |
} | ||
} | ||
|
||
/** | ||
* Request a token auth to authenticate in a request. | ||
* | ||
* Note: During one request the token is only being requested once and used throughout the request. So you want to make | ||
* sure the token is valid for enough time for the whole request to finish. | ||
* | ||
* @param string $reason some short string/text explaining the reason for the token generation, eg "CliMultiAsyncHttpArchiving" | ||
* @param int $validForHours For how many hours the token should be valid. Should not be valid for more than 14 days. | ||
* @return mixed | ||
*/ | ||
public static function requestTemporarySystemAuthToken($reason, $validForHours) | ||
{ | ||
static $token = array(); | ||
Would this ever need to be reset for tests? If so, might be good to keep it as a class static variable.

I don't think it's needed for tests. If so, we can refactor it for sure 👍
||
|
||
if (isset($token[$reason])) { | ||
// note: For now we do not increase the expire time when it is already requested | ||
return $token[$reason]; | ||
} | ||
|
||
$twoWeeksInHours = 14 * 24; | ||
if ($validForHours > $twoWeeksInHours) { | ||
throw new Exception('The token cannot be valid for so many hours: ' . $validForHours); | ||
} | ||
Can we just set

Not sure @diosmosis, personally I would prefer to throw an exception. It'd be only mostly under development anyway if someone calls it wrongly. Otherwise they might pause 4 weeks and not notice it won't work because it's changed silently, which might not be expected. I could throw the exception though, if needed, only if Dev Mode is enabled, if that helps? And fall back to 2 weeks if dev mode is disabled, but then it might be hard to debug some issues.

We can always remove the exception later if it becomes an issue, so probably not an issue.
||
|
||
$model = new Model(); | ||
$users = $model->getUsersHavingSuperUserAccess(); | ||
if (!empty($users)) { | ||
$user = reset($users); | ||
$expireDate = Date::now()->addHour($validForHours)->getDatetime(); | ||
|
||
$token[$reason] = $model->generateRandomTokenAuth(); | ||
|
||
$model->addTokenAuth( | ||
$user['login'], | ||
$token[$reason], | ||
'System generated ' . $reason, | ||
Date::now()->getDatetime(), | ||
$expireDate, | ||
true); | ||
|
||
return $token[$reason]; | ||
} | ||
|
||
} | ||
|
||
/** | ||
* Check whether the given user has superuser access. | ||
* | ||
|
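Review bot: `requestTemporarySystemAuthToken()` silently returns null when `getUsersHavingSuperUserAccess()` yields an empty list, since the `if (!empty($users))` block has no `else` and the `@return mixed` docblock does not mention it; callers then proceed with no token and only fail later. Consider throwing in that case (for example `throw new Exception('No super user available to issue a system token');`) or at least documenting the null return. Two smaller points in the same hunk: the `$validForHours > $twoWeeksInHours` range check runs after the `isset($token[$reason])` early return, so an oversized value passed on a second call for the same `$reason` is accepted without complaint; moving the check above the cache lookup keeps the contract consistent with the comment that the expiry is not extended. The trailing `true` argument to `addTokenAuth(...)` is unexplained; a named local or an inline comment stating what that flag means would help readers. Finally, nothing in this hunk removes the token once the request it was issued for completes, although the docblock describes it as per-request; if that is the intent, deleting it at the end of the request (or defaulting to a short validity rather than the 14-day ceiling) limits how long a leaked super-user token remains usable.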
Is this for using the session during API requests? I remember when changing to sessions we didn't want to do this for some reason, do you remember why? Wondering if it's still relevant. It might've been for performance.
@diosmosis this is only for requests initiated by the UI. A standard API request will still not use the session. Was like the only workaround I could think of that doesn't break too much. It's actually not even so much of a tokenAuth here but more of a nonce.
Note to myself: Add BruteForce logic here.