Skip to content

Commit

Permalink
Cleanup middleware registering
Browse files Browse the repository at this point in the history 
Fixes #12224

Since we only use the middleware at 1 location it makes no sense to
register them in each and every container.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
  • Loading branch information
@rullzer
rullzer committed Nov 23, 2018
1 parent 8d2be47 commit c8cd787
Showing 1 changed file with 75 additions and 97 deletions.
172 changes: 75 additions & 97 deletions lib/private/AppFramework/DependencyInjection/DIContainer.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,9 +58,11 @@
use OCP\GlobalScale\IConfig;
use OCP\IL10N;
use OCP\ILogger;
use OCP\INavigationManager;
use OCP\IRequest;
use OCP\IServerContainer;
use OCP\ISession;
use OCP\IURLGenerator;
use OCP\IUserSession;
use OCA\WorkflowEngine\Manager;

Expand Down Expand Up @@ -180,15 +182,37 @@ public function __construct($appName, $urlParams = array(), ServerContainer $ser
* Middleware
*/
$app = $this;
$this->registerService('SecurityMiddleware', function($c) use ($app){
/** @var \OC\Server $server */
$server = $app->getServer();

return new SecurityMiddleware(
$c['Request'],
$server->query(IControllerMethodReflector::class),
$server->getNavigationManager(),
$server->getURLGenerator(),
$middleWares = &$this->middleWares;
$this->registerService('MiddlewareDispatcher', function(SimpleContainer $c) use (&$middleWares, $app) {
$server = $app->getServer();

$dispatcher = new MiddlewareDispatcher();
$dispatcher->registerMiddleware(
new OC\AppFramework\Middleware\Security\SameSiteCookieMiddleware(
$c->query(IRequest::class),
$c->query(IControllerMethodReflector::class)
)
);
$dispatcher->registerMiddleware(
new CORSMiddleware(
$c->query(IRequest::class),
$c->query(IControllerMethodReflector::class),
$c->query(IUserSession::class),
$c->query(OC\Security\Bruteforce\Throttler::class)
)
);
$dispatcher->registerMiddleware(
new OCSMiddleware(
$c->query(IRequest::class)
)
);

$securityMiddleware = new SecurityMiddleware(
$c->query(IRequest::class),
$c->query(IControllerMethodReflector::class),
$c->query(INavigationManager::class),
$c->query(IURLGenerator::class),
$server->getLogger(),
$c['AppName'],
$server->getUserSession()->isLoggedIn(),
Expand All @@ -199,105 +223,59 @@ public function __construct($appName, $urlParams = array(), ServerContainer $ser
$server->getAppManager(),
$server->getL10N('lib')
);
});

$this->registerService(OC\AppFramework\Middleware\Security\PasswordConfirmationMiddleware::class, function ($c) use ($app) {
/** @var \OC\Server $server */
$server = $app->getServer();

return new OC\AppFramework\Middleware\Security\PasswordConfirmationMiddleware(
$c->query(IControllerMethodReflector::class),
$server->getSession(),
$server->getUserSession(),
$server->query(ITimeFactory::class)
);
});

$this->registerService('BruteForceMiddleware', function($c) use ($app) {
/** @var \OC\Server $server */
$server = $app->getServer();

return new OC\AppFramework\Middleware\Security\BruteForceMiddleware(
$c->query(IControllerMethodReflector::class),
$server->getBruteForceThrottler(),
$server->getRequest()
);
});

$this->registerService('RateLimitingMiddleware', function($c) use ($app) {
/** @var \OC\Server $server */
$server = $app->getServer();

return new RateLimitingMiddleware(
$server->getRequest(),
$server->getUserSession(),
$c->query(IControllerMethodReflector::class),
$c->query(OC\Security\RateLimiting\Limiter::class)
$dispatcher->registerMiddleware($securityMiddleware);
$dispatcher->registerMiddleware(
new OC\AppFramework\Middleware\Security\PasswordConfirmationMiddleware(
$c->query(IControllerMethodReflector::class),
$c->query(ISession::class),
$c->query(IUserSession::class),
$c->query(ITimeFactory::class)
)
);
});

$this->registerService('CORSMiddleware', function($c) {
return new CORSMiddleware(
$c['Request'],
$c->query(IControllerMethodReflector::class),
$c->query(IUserSession::class),
$c->getServer()->getBruteForceThrottler()
$dispatcher->registerMiddleware(
new TwoFactorMiddleware(
$c->query(OC\Authentication\TwoFactorAuth\Manager::class),
$c->query(IUserSession::class),
$c->query(ISession::class),
$c->query(IURLGenerator::class),
$c->query(IControllerMethodReflector::class),
$c->query(IRequest::class)
)
);
});

$this->registerService('SessionMiddleware', function($c) use ($app) {
return new SessionMiddleware(
$c['Request'],
$c->query(IControllerMethodReflector::class),
$app->getServer()->getSession()
$dispatcher->registerMiddleware(
new OC\AppFramework\Middleware\Security\BruteForceMiddleware(
$c->query(IControllerMethodReflector::class),
$c->query(OC\Security\Bruteforce\Throttler::class),
$c->query(IRequest::class)
)
);
});

$this->registerService('TwoFactorMiddleware', function (SimpleContainer $c) use ($app) {
$twoFactorManager = $c->getServer()->getTwoFactorAuthManager();
$userSession = $app->getServer()->getUserSession();
$session = $app->getServer()->getSession();
$urlGenerator = $app->getServer()->getURLGenerator();
$reflector = $c->query(IControllerMethodReflector::class);
$request = $app->getServer()->getRequest();
return new TwoFactorMiddleware($twoFactorManager, $userSession, $session, $urlGenerator, $reflector, $request);
});

$this->registerService('OCSMiddleware', function (SimpleContainer $c) {
return new OCSMiddleware(
$c['Request']
$dispatcher->registerMiddleware(
new RateLimitingMiddleware(
$c->query(IRequest::class),
$c->query(IUserSession::class),
$c->query(IControllerMethodReflector::class),
$c->query(OC\Security\RateLimiting\Limiter::class)
)
);
});

$this->registerService(OC\AppFramework\Middleware\Security\SameSiteCookieMiddleware::class, function (SimpleContainer $c) {
return new OC\AppFramework\Middleware\Security\SameSiteCookieMiddleware(
$c['Request'],
$c->query(IControllerMethodReflector::class)
$dispatcher->registerMiddleware(
new OC\AppFramework\Middleware\PublicShare\PublicShareMiddleware(
$c->query(IRequest::class),
$c->query(ISession::class),
$c->query(\OCP\IConfig::class)
)
);
});

$middleWares = &$this->middleWares;
$this->registerService('MiddlewareDispatcher', function(SimpleContainer $c) use (&$middleWares) {
$dispatcher = new MiddlewareDispatcher();
$dispatcher->registerMiddleware($c[OC\AppFramework\Middleware\Security\SameSiteCookieMiddleware::class]);
$dispatcher->registerMiddleware($c['CORSMiddleware']);
$dispatcher->registerMiddleware($c['OCSMiddleware']);
$dispatcher->registerMiddleware($c['SecurityMiddleware']);
$dispatcher->registerMiddleware($c[OC\AppFramework\Middleware\Security\PasswordConfirmationMiddleware::class]);
$dispatcher->registerMiddleware($c['TwoFactorMiddleware']);
$dispatcher->registerMiddleware($c['BruteForceMiddleware']);
$dispatcher->registerMiddleware($c['RateLimitingMiddleware']);
$dispatcher->registerMiddleware(new OC\AppFramework\Middleware\PublicShare\PublicShareMiddleware(
$c['Request'],
$c->query(ISession::class),
$c->query(\OCP\IConfig::class)
));

foreach($middleWares as $middleWare) {
$dispatcher->registerMiddleware($c[$middleWare]);
}

$dispatcher->registerMiddleware($c['SessionMiddleware']);
$dispatcher->registerMiddleware(
new SessionMiddleware(
$c->query(IRequest::class),
$c->query(IControllerMethodReflector::class),
$c->query(ISession::class)
)
);
return $dispatcher;
});

Expand Down

0 comments on commit c8cd787

Please sign in to comment.