From 25309bcb45232bf30fe719bac1776f0136f7cd7a Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Mon, 28 Aug 2023 15:50:45 +0200 Subject: [PATCH] techdebt(DI): Use public IThrottler interface which exists since Nextcloud 25 Signed-off-by: Joas Schilling --- apps/dav/lib/Connector/PublicAuth.php | 6 +++--- apps/dav/lib/Connector/Sabre/Auth.php | 6 +++--- apps/dav/lib/Direct/DirectHome.php | 8 +++++--- apps/dav/lib/Direct/ServerFactory.php | 5 +++-- apps/dav/tests/unit/Connector/PublicAuthTest.php | 6 +++--- apps/dav/tests/unit/Connector/Sabre/AuthTest.php | 6 +++--- apps/dav/tests/unit/Direct/DirectHomeTest.php | 6 +++--- apps/oauth2/lib/Controller/OauthApiController.php | 4 ++-- .../tests/Controller/OauthApiControllerTest.php | 6 +++--- core/Controller/LoginController.php | 4 ++-- lib/base.php | 5 +++-- .../AppFramework/DependencyInjection/DIContainer.php | 7 ++++--- .../Middleware/PublicShare/PublicShareMiddleware.php | 6 +++--- .../Middleware/Security/BruteForceMiddleware.php | 4 ++-- .../Middleware/Security/CORSMiddleware.php | 12 +++--------- lib/private/Server.php | 2 +- lib/private/User/Session.php | 8 ++++---- tests/Core/Controller/LoginControllerTest.php | 6 +++--- .../PublicShare/PublicShareMiddlewareTest.php | 6 +++--- .../Middleware/Security/BruteForceMiddlewareTest.php | 6 +++--- .../Middleware/Security/CORSMiddlewareTest.php | 9 +++++---- tests/lib/User/SessionTest.php | 6 +++--- 22 files changed, 67 insertions(+), 67 deletions(-) diff --git a/apps/dav/lib/Connector/PublicAuth.php b/apps/dav/lib/Connector/PublicAuth.php index cc51a249e7570..6f58e89f1c0ee 100644 --- a/apps/dav/lib/Connector/PublicAuth.php +++ b/apps/dav/lib/Connector/PublicAuth.php @@ -29,9 +29,9 @@ */ namespace OCA\DAV\Connector; -use OC\Security\Bruteforce\Throttler; use OCP\IRequest; use OCP\ISession; +use OCP\Security\Bruteforce\IThrottler; use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\IManager; use OCP\Share\IShare; @@ -48,12 +48,12 @@ class PublicAuth extends AbstractBasic { private IManager $shareManager; private ISession $session; private IRequest $request; - private Throttler $throttler; + private IThrottler $throttler; public function __construct(IRequest $request, IManager $shareManager, ISession $session, - Throttler $throttler) { + IThrottler $throttler) { $this->request = $request; $this->shareManager = $shareManager; $this->session = $session; diff --git a/apps/dav/lib/Connector/Sabre/Auth.php b/apps/dav/lib/Connector/Sabre/Auth.php index 75e3f61fded65..29e3934970402 100644 --- a/apps/dav/lib/Connector/Sabre/Auth.php +++ b/apps/dav/lib/Connector/Sabre/Auth.php @@ -36,12 +36,12 @@ use Exception; use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\TwoFactorAuth\Manager; -use OC\Security\Bruteforce\Throttler; use OC\User\Session; use OCA\DAV\Connector\Sabre\Exception\PasswordLoginForbidden; use OCA\DAV\Connector\Sabre\Exception\TooManyRequests; use OCP\IRequest; use OCP\ISession; +use OCP\Security\Bruteforce\IThrottler; use OCP\Security\Bruteforce\MaxDelayReached; use Psr\Log\LoggerInterface; use Sabre\DAV\Auth\Backend\AbstractBasic; @@ -58,13 +58,13 @@ class Auth extends AbstractBasic { private IRequest $request; private ?string $currentUser = null; private Manager $twoFactorManager; - private Throttler $throttler; + private IThrottler $throttler; public function __construct(ISession $session, Session $userSession, IRequest $request, Manager $twoFactorManager, - Throttler $throttler, + IThrottler $throttler, string $principalPrefix = 'principals/users/') { $this->session = $session; $this->userSession = $userSession; diff --git a/apps/dav/lib/Direct/DirectHome.php b/apps/dav/lib/Direct/DirectHome.php index 5453a61ed468a..8fc8b555db523 100644 --- a/apps/dav/lib/Direct/DirectHome.php +++ b/apps/dav/lib/Direct/DirectHome.php @@ -26,13 +26,13 @@ */ namespace OCA\DAV\Direct; -use OC\Security\Bruteforce\Throttler; use OCA\DAV\Db\DirectMapper; use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Utility\ITimeFactory; use OCP\EventDispatcher\IEventDispatcher; use OCP\Files\IRootFolder; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\MethodNotAllowed; use Sabre\DAV\Exception\NotFound; @@ -49,18 +49,20 @@ class DirectHome implements ICollection { /** @var ITimeFactory */ private $timeFactory; - /** @var Throttler */ + /** @var IThrottler */ private $throttler; /** @var IRequest */ private $request; + + /** @var IEventDispatcher */ private $eventDispatcher; public function __construct( IRootFolder $rootFolder, DirectMapper $mapper, ITimeFactory $timeFactory, - Throttler $throttler, + IThrottler $throttler, IRequest $request, IEventDispatcher $eventDispatcher ) { diff --git a/apps/dav/lib/Direct/ServerFactory.php b/apps/dav/lib/Direct/ServerFactory.php index 05587ab4c2cda..ce689b1e88e64 100644 --- a/apps/dav/lib/Direct/ServerFactory.php +++ b/apps/dav/lib/Direct/ServerFactory.php @@ -27,7 +27,6 @@ */ namespace OCA\DAV\Direct; -use OC\Security\Bruteforce\Throttler; use OCA\DAV\Connector\Sabre\MaintenancePlugin; use OCA\DAV\Db\DirectMapper; use OCP\AppFramework\Utility\ITimeFactory; @@ -37,12 +36,14 @@ use OCP\IL10N; use OCP\IRequest; use OCP\L10N\IFactory; +use OCP\Security\Bruteforce\IThrottler; class ServerFactory { /** @var IConfig */ private $config; /** @var IL10N */ private $l10n; + /** @var IEventDispatcher */ private $eventDispatcher; public function __construct(IConfig $config, IFactory $l10nFactory, IEventDispatcher $eventDispatcher) { @@ -56,7 +57,7 @@ public function createServer(string $baseURI, IRootFolder $rootFolder, DirectMapper $mapper, ITimeFactory $timeFactory, - Throttler $throttler, + IThrottler $throttler, IRequest $request): Server { $home = new DirectHome($rootFolder, $mapper, $timeFactory, $throttler, $request, $this->eventDispatcher); $server = new Server($home); diff --git a/apps/dav/tests/unit/Connector/PublicAuthTest.php b/apps/dav/tests/unit/Connector/PublicAuthTest.php index bbb391c8f288d..25cad495ce91d 100644 --- a/apps/dav/tests/unit/Connector/PublicAuthTest.php +++ b/apps/dav/tests/unit/Connector/PublicAuthTest.php @@ -26,9 +26,9 @@ */ namespace OCA\DAV\Tests\unit\Connector; -use OC\Security\Bruteforce\Throttler; use OCP\IRequest; use OCP\ISession; +use OCP\Security\Bruteforce\IThrottler; use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\IManager; use OCP\Share\IShare; @@ -50,7 +50,7 @@ class PublicAuthTest extends \Test\TestCase { private $shareManager; /** @var \OCA\DAV\Connector\PublicAuth */ private $auth; - /** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ + /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */ private $throttler; /** @var string */ @@ -68,7 +68,7 @@ protected function setUp(): void { $this->shareManager = $this->getMockBuilder(IManager::class) ->disableOriginalConstructor() ->getMock(); - $this->throttler = $this->getMockBuilder(Throttler::class) + $this->throttler = $this->getMockBuilder(IThrottler::class) ->disableOriginalConstructor() ->getMock(); diff --git a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php index b3b3341240acd..06559261f3cdb 100644 --- a/apps/dav/tests/unit/Connector/Sabre/AuthTest.php +++ b/apps/dav/tests/unit/Connector/Sabre/AuthTest.php @@ -30,11 +30,11 @@ namespace OCA\DAV\Tests\unit\Connector\Sabre; use OC\Authentication\TwoFactorAuth\Manager; -use OC\Security\Bruteforce\Throttler; use OC\User\Session; use OCP\IRequest; use OCP\ISession; use OCP\IUser; +use OCP\Security\Bruteforce\IThrottler; use Sabre\DAV\Server; use Sabre\HTTP\RequestInterface; use Sabre\HTTP\ResponseInterface; @@ -57,7 +57,7 @@ class AuthTest extends TestCase { private $request; /** @var Manager */ private $twoFactorManager; - /** @var Throttler */ + /** @var IThrottler */ private $throttler; protected function setUp(): void { @@ -71,7 +71,7 @@ protected function setUp(): void { $this->twoFactorManager = $this->getMockBuilder(Manager::class) ->disableOriginalConstructor() ->getMock(); - $this->throttler = $this->getMockBuilder(Throttler::class) + $this->throttler = $this->getMockBuilder(IThrottler::class) ->disableOriginalConstructor() ->getMock(); $this->auth = new \OCA\DAV\Connector\Sabre\Auth( diff --git a/apps/dav/tests/unit/Direct/DirectHomeTest.php b/apps/dav/tests/unit/Direct/DirectHomeTest.php index 01214b3c48b74..0d0203509ffac 100644 --- a/apps/dav/tests/unit/Direct/DirectHomeTest.php +++ b/apps/dav/tests/unit/Direct/DirectHomeTest.php @@ -27,7 +27,6 @@ */ namespace OCA\DAV\Tests\Unit\Direct; -use OC\Security\Bruteforce\Throttler; use OCA\DAV\Db\Direct; use OCA\DAV\Db\DirectMapper; use OCA\DAV\Direct\DirectFile; @@ -37,6 +36,7 @@ use OCP\EventDispatcher\IEventDispatcher; use OCP\Files\IRootFolder; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; use Sabre\DAV\Exception\Forbidden; use Sabre\DAV\Exception\MethodNotAllowed; use Sabre\DAV\Exception\NotFound; @@ -53,7 +53,7 @@ class DirectHomeTest extends TestCase { /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */ private $timeFactory; - /** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ + /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */ private $throttler; /** @var IRequest */ @@ -71,7 +71,7 @@ protected function setUp(): void { $this->directMapper = $this->createMock(DirectMapper::class); $this->rootFolder = $this->createMock(IRootFolder::class); $this->timeFactory = $this->createMock(ITimeFactory::class); - $this->throttler = $this->createMock(Throttler::class); + $this->throttler = $this->createMock(IThrottler::class); $this->request = $this->createMock(IRequest::class); $this->eventDispatcher = $this->createMock(IEventDispatcher::class); diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php index 8cdd813244176..af1205be0d758 100644 --- a/apps/oauth2/lib/Controller/OauthApiController.php +++ b/apps/oauth2/lib/Controller/OauthApiController.php @@ -31,7 +31,6 @@ use OC\Authentication\Exceptions\ExpiredTokenException; use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider as TokenProvider; -use OC\Security\Bruteforce\Throttler; use OCA\OAuth2\Db\AccessTokenMapper; use OCA\OAuth2\Db\ClientMapper; use OCA\OAuth2\Exceptions\AccessTokenNotFoundException; @@ -41,6 +40,7 @@ use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Utility\ITimeFactory; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; use OCP\Security\ICrypto; use OCP\Security\ISecureRandom; use Psr\Log\LoggerInterface; @@ -57,7 +57,7 @@ public function __construct( private ISecureRandom $secureRandom, private ITimeFactory $time, private LoggerInterface $logger, - private Throttler $throttler + private IThrottler $throttler ) { parent::__construct($appName, $request); } diff --git a/apps/oauth2/tests/Controller/OauthApiControllerTest.php b/apps/oauth2/tests/Controller/OauthApiControllerTest.php index c65302532a937..a7dc35943f035 100644 --- a/apps/oauth2/tests/Controller/OauthApiControllerTest.php +++ b/apps/oauth2/tests/Controller/OauthApiControllerTest.php @@ -29,7 +29,6 @@ use OC\Authentication\Exceptions\InvalidTokenException; use OC\Authentication\Token\IProvider as TokenProvider; use OC\Authentication\Token\PublicKeyToken; -use OC\Security\Bruteforce\Throttler; use OCA\OAuth2\Controller\OauthApiController; use OCA\OAuth2\Db\AccessToken; use OCA\OAuth2\Db\AccessTokenMapper; @@ -41,6 +40,7 @@ use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Utility\ITimeFactory; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; use OCP\Security\ICrypto; use OCP\Security\ISecureRandom; use Psr\Log\LoggerInterface; @@ -66,7 +66,7 @@ class OauthApiControllerTest extends TestCase { private $secureRandom; /** @var ITimeFactory|\PHPUnit\Framework\MockObject\MockObject */ private $time; - /** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ + /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */ private $throttler; /** @var LoggerInterface|\PHPUnit\Framework\MockObject\MockObject */ private $logger; @@ -83,7 +83,7 @@ protected function setUp(): void { $this->tokenProvider = $this->createMock(TokenProvider::class); $this->secureRandom = $this->createMock(ISecureRandom::class); $this->time = $this->createMock(ITimeFactory::class); - $this->throttler = $this->createMock(Throttler::class); + $this->throttler = $this->createMock(IThrottler::class); $this->logger = $this->createMock(LoggerInterface::class); $this->oauthApiController = new OauthApiController( diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php index 5f94c8f8a32aa..af43f2d4c4ac5 100644 --- a/core/Controller/LoginController.php +++ b/core/Controller/LoginController.php @@ -38,7 +38,6 @@ use OC\Authentication\Login\Chain; use OC\Authentication\Login\LoginData; use OC\Authentication\WebAuthn\Manager as WebAuthnManager; -use OC\Security\Bruteforce\Throttler; use OC\User\Session; use OC_App; use OCP\AppFramework\Controller; @@ -58,6 +57,7 @@ use OCP\IUser; use OCP\IUserManager; use OCP\Notification\IManager; +use OCP\Security\Bruteforce\IThrottler; use OCP\Util; #[IgnoreOpenAPI] @@ -74,7 +74,7 @@ public function __construct( private Session $userSession, private IURLGenerator $urlGenerator, private Defaults $defaults, - private Throttler $throttler, + private IThrottler $throttler, private IInitialStateService $initialStateService, private WebAuthnManager $webAuthnManager, private IManager $manager, diff --git a/lib/base.php b/lib/base.php index b328165fdfabc..7153e481edab7 100644 --- a/lib/base.php +++ b/lib/base.php @@ -74,6 +74,7 @@ use OCP\IRequest; use OCP\IURLGenerator; use OCP\IUserSession; +use OCP\Security\Bruteforce\IThrottler; use OCP\Server; use OCP\Share; use OCP\User\Events\UserChangedEvent; @@ -871,7 +872,7 @@ public static function registerCleanupHooks(\OC\SystemConfig $systemConfig): voi // reset brute force delay for this IP address and username $uid = $userSession->getUser()->getUID(); $request = Server::get(IRequest::class); - $throttler = Server::get(\OC\Security\Bruteforce\Throttler::class); + $throttler = Server::get(IThrottler::class); $throttler->resetDelay($request->getRemoteAddress(), 'login', ['user' => $uid]); } @@ -1149,7 +1150,7 @@ public static function handleLogin(OCP\IRequest $request): bool { && $userSession->loginWithCookie($_COOKIE['nc_username'], $_COOKIE['nc_token'], $_COOKIE['nc_session_id'])) { return true; } - if ($userSession->tryBasicAuthLogin($request, Server::get(\OC\Security\Bruteforce\Throttler::class))) { + if ($userSession->tryBasicAuthLogin($request, Server::get(IThrottler::class))) { return true; } return false; diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index 9a9740b7bccc4..a012d1e8ea69f 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -72,6 +72,7 @@ use OCP\ISession; use OCP\IURLGenerator; use OCP\IUserSession; +use OCP\Security\Bruteforce\IThrottler; use Psr\Container\ContainerInterface; use Psr\Log\LoggerInterface; @@ -233,7 +234,7 @@ public function __construct(string $appName, array $urlParams = [], ServerContai $c->get(IRequest::class), $c->get(IControllerMethodReflector::class), $c->get(IUserSession::class), - $c->get(OC\Security\Bruteforce\Throttler::class) + $c->get(IThrottler::class) ) ); $dispatcher->registerMiddleware( @@ -291,7 +292,7 @@ public function __construct(string $appName, array $urlParams = [], ServerContai $dispatcher->registerMiddleware( new OC\AppFramework\Middleware\Security\BruteForceMiddleware( $c->get(IControllerMethodReflector::class), - $c->get(OC\Security\Bruteforce\Throttler::class), + $c->get(IThrottler::class), $c->get(IRequest::class), $c->get(LoggerInterface::class) ) @@ -309,7 +310,7 @@ public function __construct(string $appName, array $urlParams = [], ServerContai $c->get(IRequest::class), $c->get(ISession::class), $c->get(\OCP\IConfig::class), - $c->get(OC\Security\Bruteforce\Throttler::class) + $c->get(IThrottler::class) ) ); $dispatcher->registerMiddleware( diff --git a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php index f20bd333452d9..7acb579938b5b 100644 --- a/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php +++ b/lib/private/AppFramework/Middleware/PublicShare/PublicShareMiddleware.php @@ -24,7 +24,6 @@ namespace OC\AppFramework\Middleware\PublicShare; use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException; -use OC\Security\Bruteforce\Throttler; use OCP\AppFramework\AuthPublicShareController; use OCP\AppFramework\Http\NotFoundResponse; use OCP\AppFramework\Middleware; @@ -33,6 +32,7 @@ use OCP\IConfig; use OCP\IRequest; use OCP\ISession; +use OCP\Security\Bruteforce\IThrottler; class PublicShareMiddleware extends Middleware { /** @var IRequest */ @@ -44,10 +44,10 @@ class PublicShareMiddleware extends Middleware { /** @var IConfig */ private $config; - /** @var Throttler */ + /** @var IThrottler */ private $throttler; - public function __construct(IRequest $request, ISession $session, IConfig $config, Throttler $throttler) { + public function __construct(IRequest $request, ISession $session, IConfig $config, IThrottler $throttler) { $this->request = $request; $this->session = $session; $this->config = $config; diff --git a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php index a0b915588ad16..574e86a9ca282 100644 --- a/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/BruteForceMiddleware.php @@ -29,7 +29,6 @@ namespace OC\AppFramework\Middleware\Security; use OC\AppFramework\Utility\ControllerMethodReflector; -use OC\Security\Bruteforce\Throttler; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\Attribute\BruteForceProtection; @@ -39,6 +38,7 @@ use OCP\AppFramework\OCS\OCSException; use OCP\AppFramework\OCSController; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; use OCP\Security\Bruteforce\MaxDelayReached; use Psr\Log\LoggerInterface; use ReflectionMethod; @@ -55,7 +55,7 @@ class BruteForceMiddleware extends Middleware { public function __construct( protected ControllerMethodReflector $reflector, - protected Throttler $throttler, + protected IThrottler $throttler, protected IRequest $request, protected LoggerInterface $logger, ) { diff --git a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php index e177a612d96c3..8bdacf550b676 100644 --- a/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php +++ b/lib/private/AppFramework/Middleware/Security/CORSMiddleware.php @@ -29,7 +29,6 @@ use OC\AppFramework\Middleware\Security\Exceptions\SecurityException; use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Authentication\Exceptions\PasswordLoginForbiddenException; -use OC\Security\Bruteforce\Throttler; use OC\User\Session; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; @@ -39,6 +38,7 @@ use OCP\AppFramework\Http\Response; use OCP\AppFramework\Middleware; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; use ReflectionMethod; /** @@ -54,19 +54,13 @@ class CORSMiddleware extends Middleware { private $reflector; /** @var Session */ private $session; - /** @var Throttler */ + /** @var IThrottler */ private $throttler; - /** - * @param IRequest $request - * @param ControllerMethodReflector $reflector - * @param Session $session - * @param Throttler $throttler - */ public function __construct(IRequest $request, ControllerMethodReflector $reflector, Session $session, - Throttler $throttler) { + IThrottler $throttler) { $this->request = $request; $this->reflector = $reflector; $this->session = $session; diff --git a/lib/private/Server.php b/lib/private/Server.php index 7a2987759a4d5..e8ade23d8fe6d 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -2106,7 +2106,7 @@ public function getCsrfTokenManager() { } /** - * @return Throttler + * @return IThrottler * @deprecated 20.0.0 */ public function getBruteForceThrottler() { diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index e7075bce47a06..82887f8d02967 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -419,7 +419,7 @@ public function completeLogin(IUser $user, array $loginDetails, $regenerateSessi * @param string $user * @param string $password * @param IRequest $request - * @param OC\Security\Bruteforce\Throttler $throttler + * @param IThrottler $throttler * @throws LoginException * @throws PasswordLoginForbiddenException * @return boolean @@ -427,7 +427,7 @@ public function completeLogin(IUser $user, array $loginDetails, $regenerateSessi public function logClientIn($user, $password, IRequest $request, - OC\Security\Bruteforce\Throttler $throttler) { + IThrottler $throttler) { $remoteAddress = $request->getRemoteAddress(); $currentDelay = $throttler->sleepDelayOrThrowOnMax($remoteAddress, 'login'); @@ -572,11 +572,11 @@ protected function prepareUserLogin($firstTimeLogin, $refreshCsrfToken = true) { * * @todo do not allow basic auth if the user is 2FA enforced * @param IRequest $request - * @param OC\Security\Bruteforce\Throttler $throttler + * @param IThrottler $throttler * @return boolean if the login was successful */ public function tryBasicAuthLogin(IRequest $request, - OC\Security\Bruteforce\Throttler $throttler) { + IThrottler $throttler) { if (!empty($request->server['PHP_AUTH_USER']) && !empty($request->server['PHP_AUTH_PW'])) { try { if ($this->logClientIn($request->server['PHP_AUTH_USER'], $request->server['PHP_AUTH_PW'], $request, $throttler)) { diff --git a/tests/Core/Controller/LoginControllerTest.php b/tests/Core/Controller/LoginControllerTest.php index 6044440bdaf0e..333baf0aa86f5 100644 --- a/tests/Core/Controller/LoginControllerTest.php +++ b/tests/Core/Controller/LoginControllerTest.php @@ -29,7 +29,6 @@ use OC\Authentication\Login\LoginResult; use OC\Authentication\TwoFactorAuth\Manager; use OC\Core\Controller\LoginController; -use OC\Security\Bruteforce\Throttler; use OC\User\Session; use OCP\AppFramework\Http\RedirectResponse; use OCP\AppFramework\Http\TemplateResponse; @@ -43,6 +42,7 @@ use OCP\IUser; use OCP\IUserManager; use OCP\Notification\IManager; +use OCP\Security\Bruteforce\IThrottler; use PHPUnit\Framework\MockObject\MockObject; use Test\TestCase; @@ -74,7 +74,7 @@ class LoginControllerTest extends TestCase { /** @var Defaults|MockObject */ private $defaults; - /** @var Throttler|MockObject */ + /** @var IThrottler|MockObject */ private $throttler; /** @var IInitialStateService|MockObject */ @@ -99,7 +99,7 @@ protected function setUp(): void { $this->urlGenerator = $this->createMock(IURLGenerator::class); $this->twoFactorManager = $this->createMock(Manager::class); $this->defaults = $this->createMock(Defaults::class); - $this->throttler = $this->createMock(Throttler::class); + $this->throttler = $this->createMock(IThrottler::class); $this->initialStateService = $this->createMock(IInitialStateService::class); $this->webAuthnManager = $this->createMock(\OC\Authentication\WebAuthn\Manager::class); $this->notificationManager = $this->createMock(IManager::class); diff --git a/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php b/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php index 3e48078cbadae..a025f39419ad6 100644 --- a/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php +++ b/tests/lib/AppFramework/Middleware/PublicShare/PublicShareMiddlewareTest.php @@ -25,7 +25,6 @@ use OC\AppFramework\Middleware\PublicShare\Exceptions\NeedAuthenticationException; use OC\AppFramework\Middleware\PublicShare\PublicShareMiddleware; -use OC\Security\Bruteforce\Throttler; use OCP\AppFramework\AuthPublicShareController; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\NotFoundResponse; @@ -36,6 +35,7 @@ use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; +use OCP\Security\Bruteforce\IThrottler; class PublicShareMiddlewareTest extends \Test\TestCase { /** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */ @@ -44,7 +44,7 @@ class PublicShareMiddlewareTest extends \Test\TestCase { private $session; /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ private $config; - /** @var IConfig|\PHPUnit\Framework\MockObject\MockObject */ + /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */ private $throttler; /** @var PublicShareMiddleware */ @@ -57,7 +57,7 @@ protected function setUp(): void { $this->request = $this->createMock(IRequest::class); $this->session = $this->createMock(ISession::class); $this->config = $this->createMock(IConfig::class); - $this->throttler = $this->createMock(Throttler::class); + $this->throttler = $this->createMock(IThrottler::class); $this->middleware = new PublicShareMiddleware( $this->request, diff --git a/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php index faf2d24d17289..0492d5f7fcfc5 100644 --- a/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php +++ b/tests/lib/AppFramework/Middleware/Security/BruteForceMiddlewareTest.php @@ -24,11 +24,11 @@ use OC\AppFramework\Middleware\Security\BruteForceMiddleware; use OC\AppFramework\Utility\ControllerMethodReflector; -use OC\Security\Bruteforce\Throttler; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\Attribute\BruteForceProtection; use OCP\AppFramework\Http\Response; use OCP\IRequest; +use OCP\Security\Bruteforce\IThrottler; use Psr\Log\LoggerInterface; use Test\TestCase; @@ -55,7 +55,7 @@ public function multipleAttributes(): void { class BruteForceMiddlewareTest extends TestCase { /** @var ControllerMethodReflector */ private $reflector; - /** @var Throttler|\PHPUnit\Framework\MockObject\MockObject */ + /** @var IThrottler|\PHPUnit\Framework\MockObject\MockObject */ private $throttler; /** @var IRequest|\PHPUnit\Framework\MockObject\MockObject */ private $request; @@ -67,7 +67,7 @@ protected function setUp(): void { parent::setUp(); $this->reflector = new ControllerMethodReflector(); - $this->throttler = $this->createMock(Throttler::class); + $this->throttler = $this->createMock(IThrottler::class); $this->request = $this->createMock(IRequest::class); $this->logger = $this->createMock(LoggerInterface::class); diff --git a/tests/lib/AppFramework/Middleware/Security/CORSMiddlewareTest.php b/tests/lib/AppFramework/Middleware/Security/CORSMiddlewareTest.php index 7c48f7e2712b6..80c2ed844511a 100644 --- a/tests/lib/AppFramework/Middleware/Security/CORSMiddlewareTest.php +++ b/tests/lib/AppFramework/Middleware/Security/CORSMiddlewareTest.php @@ -15,21 +15,22 @@ use OC\AppFramework\Middleware\Security\CORSMiddleware; use OC\AppFramework\Middleware\Security\Exceptions\SecurityException; use OC\AppFramework\Utility\ControllerMethodReflector; -use OC\Security\Bruteforce\Throttler; use OC\User\Session; use OCP\AppFramework\Http\JSONResponse; use OCP\AppFramework\Http\Response; use OCP\IConfig; use OCP\IRequest; use OCP\IRequestId; +use OCP\Security\Bruteforce\IThrottler; +use PHPUnit\Framework\MockObject\MockObject; use Test\AppFramework\Middleware\Security\Mock\CORSMiddlewareController; class CORSMiddlewareTest extends \Test\TestCase { /** @var ControllerMethodReflector */ private $reflector; - /** @var Session|\PHPUnit\Framework\MockObject\MockObject */ + /** @var Session|MockObject */ private $session; - /** @var Throttler */ + /** @var IThrottler|MockObject */ private $throttler; /** @var CORSMiddlewareController */ private $controller; @@ -38,7 +39,7 @@ protected function setUp(): void { parent::setUp(); $this->reflector = new ControllerMethodReflector(); $this->session = $this->createMock(Session::class); - $this->throttler = $this->createMock(Throttler::class); + $this->throttler = $this->createMock(IThrottler::class); $this->controller = new CORSMiddlewareController( 'test', $this->createMock(IRequest::class) diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php index 598a8b6e061ea..b6ac7a69fed55 100644 --- a/tests/lib/User/SessionTest.php +++ b/tests/lib/User/SessionTest.php @@ -14,7 +14,6 @@ use OC\Authentication\Exceptions\PasswordLoginForbiddenException; use OC\Authentication\Token\IProvider; use OC\Authentication\Token\IToken; -use OC\Security\Bruteforce\Throttler; use OC\Session\Memory; use OC\User\LoginException; use OC\User\Manager; @@ -30,6 +29,7 @@ use OCP\ISession; use OCP\IUser; use OCP\Lockdown\ILockdownManager; +use OCP\Security\Bruteforce\IThrottler; use OCP\Security\ISecureRandom; use OCP\User\Events\PostLoginEvent; use PHPUnit\Framework\MockObject\MockObject; @@ -47,7 +47,7 @@ class SessionTest extends \Test\TestCase { private $tokenProvider; /** @var IConfig|MockObject */ private $config; - /** @var Throttler|MockObject */ + /** @var IThrottler|MockObject */ private $throttler; /** @var ISecureRandom|MockObject */ private $random; @@ -73,7 +73,7 @@ protected function setUp(): void { ->willReturn(10000); $this->tokenProvider = $this->createMock(IProvider::class); $this->config = $this->createMock(IConfig::class); - $this->throttler = $this->createMock(Throttler::class); + $this->throttler = $this->createMock(IThrottler::class); $this->random = $this->createMock(ISecureRandom::class); $this->manager = $this->createMock(Manager::class); $this->session = $this->createMock(ISession::class);