diff --git a/appinfo/app.php b/appinfo/app.php
index feadb9d..33a0147 100644
--- a/appinfo/app.php
+++ b/appinfo/app.php
@@ -16,4 +16,7 @@ namespace OCA\Registration\AppInfo;
'href' => \OC::$server->getURLGenerator()->linkToRoute('registration.register.askEmail')
]);
-\OCP\App::registerAdmin('registration', 'admin');
\ No newline at end of file
+\OCP\App::registerAdmin('registration', 'admin');
+
+$app = new \OCP\AppFramework\App('registration');
+$app->getContainer()->registerCapability(\OCA\Registration\Capabilities::class);
diff --git a/appinfo/database.xml b/appinfo/database.xml
index 3a8039c..ff4d751 100644
--- a/appinfo/database.xml
+++ b/appinfo/database.xml
@@ -20,11 +20,33 @@
text
true
+
+ username
+ text
+ true
+
+
+ password
+ text
+
+
+ displayname
+ text
+
+
+ email_confirmed
+ boolean
+ false
+
token
text
true
+
+ client_secret
+ text
+
requested
timestamp
diff --git a/appinfo/info.xml b/appinfo/info.xml
index ead2573..9bbf8fc 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -6,7 +6,7 @@
User registration
agpl
Pellaeon Lin
- 0.2.3
+ 0.2.3-3
https://github.com/pellaeon/registration
https://github.com/pellaeon/registration/issues
https://github.com/pellaeon/registration
diff --git a/appinfo/routes.php b/appinfo/routes.php
index 0ad091e..7db7778 100644
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@@ -6,13 +6,21 @@
* later. See the COPYING file.
*
* @author Pellaeon Lin
+ * @author Julius Härtl
* @copyright Pellaeon Lin 2014
*/
-return ['routes' => [
- array('name' => 'settings#admin', 'url' => '/settings', 'verb' => 'POST'),
- array('name' => 'register#askEmail', 'url' => '/', 'verb' => 'GET'),
- array('name' => 'register#validateEmail', 'url' => '/', 'verb' => 'POST'),
- array('name' => 'register#verifyToken', 'url' => '/verify/{token}', 'verb' => 'GET'),
- array('name' => 'register#createAccount', 'url' => '/verify/{token}', 'verb' => 'POST')
-]];
+return [
+ 'routes' => [
+ ['name' => 'settings#admin', 'url' => '/settings', 'verb' => 'POST'],
+ ['name' => 'register#askEmail', 'url' => '/', 'verb' => 'GET'],
+ ['name' => 'register#validateEmail', 'url' => '/', 'verb' => 'POST'],
+ ['name' => 'register#verifyToken', 'url' => '/verify/{token}', 'verb' => 'GET'],
+ ['name' => 'register#createAccount', 'url' => '/verify/{token}', 'verb' => 'POST']
+ ],
+ 'ocs' => [
+ ['root' => '/registration', 'name' => 'api#validate', 'url' => '/v1/validate', 'verb' => 'POST'],
+ ['root' => '/registration', 'name' => 'api#status', 'url' => '/v1/status', 'verb' => 'POST'],
+ ['root' => '/registration', 'name' => 'api#register', 'url' => '/v1/register', 'verb' => 'POST']
+ ]
+];
diff --git a/capabilities.php b/capabilities.php
new file mode 100644
index 0000000..035ad97
--- /dev/null
+++ b/capabilities.php
@@ -0,0 +1,50 @@
+
+ *
+ * @author Julius Härtl
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+namespace OCA\Registration;
+
+use OCP\Capabilities\ICapability;
+use OCP\IURLGenerator;
+
+class Capabilities implements ICapability {
+
+ /** @var IURLGenerator */
+ private $urlGenerator;
+
+ public function __construct(IURLGenerator $urlGenerator) {
+ $this->urlGenerator = $urlGenerator;
+ }
+
+ public function getCapabilities() {
+ return [
+ 'registration' =>
+ [
+ 'enabled' => true,
+ 'apiRoot' => $this->urlGenerator->linkTo(
+ '', 'ocs/v1.php/apps/registration/api/v1/'),
+ 'apiLevel' => 'v1'
+ ]
+ ];
+ }
+
+}
\ No newline at end of file
diff --git a/controller/apicontroller.php b/controller/apicontroller.php
new file mode 100644
index 0000000..32bc2d0
--- /dev/null
+++ b/controller/apicontroller.php
@@ -0,0 +1,174 @@
+
+ *
+ * @author Julius Härtl
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+namespace OCA\Registration\Controller;
+
+use OCA\Registration\Db\Registration;
+use OCA\Registration\Service\MailService;
+use OCA\Registration\Service\RegistrationException;
+use OCA\Registration\Service\RegistrationService;
+use OCP\AppFramework\Db\DoesNotExistException;
+use OCP\AppFramework\Http;
+use OCP\AppFramework\OCS\OCSBadRequestException;
+use OCP\AppFramework\OCS\OCSNotFoundException;
+use OCP\AppFramework\OCSController;
+use OCP\AppFramework\OCS\OCSException;
+use OCP\AppFramework\Http\DataResponse;
+use OCP\Defaults;
+use OCP\IL10N;
+use OCP\IRequest;
+
+class ApiController extends OCSController {
+
+ /** @var RegistrationService */
+ private $registrationService;
+ /** @var MailService */
+ private $mailService;
+ /** @var IL10N */
+ private $l10n;
+ /** @var Defaults */
+ private $defaults;
+
+ public function __construct($appName,
+ IRequest $request,
+ $corsMethods = 'PUT, POST, GET, DELETE, PATCH',
+ $corsAllowedHeaders = 'Authorization, Content-Type, Accept',
+ $corsMaxAge = 1728000,
+ RegistrationService $registrationService,
+ MailService $mailService,
+ IL10N $l10n,
+ Defaults $defaults) {
+ parent::__construct($appName, $request, $corsMethods, $corsAllowedHeaders, $corsMaxAge);
+ $this->registrationService = $registrationService;
+ $this->mailService = $mailService;
+ $this->l10n = $l10n;
+ $this->defaults = $defaults;
+ }
+
+ /**
+ * @PublicPage
+ * @AnonRateThrottle(limit=5, period=1)
+ *
+ * @param $username
+ * @param $displayname
+ * @param $email
+ * @throws OCSException
+ * @return DataResponse
+ */
+ public function validate($username, $displayname, $email) {
+ try {
+ $this->registrationService->validateEmail($email);
+ $this->registrationService->validateDisplayname($displayname);
+ $this->registrationService->validateUsername($username);
+ } catch (RegistrationException $e) {
+ throw new OCSBadRequestException($e->getMessage());
+ }
+ $data = [
+ 'username' => $username,
+ 'displayname' => $displayname,
+ 'email' => $email
+ ];
+ return new DataResponse($data, Http::STATUS_OK);
+ }
+
+ /**
+ * @PublicPage
+ *
+ * @param $registrationToken
+ * @param $clientSecret
+ * @throws OCSException
+ * @return DataResponse
+ */
+ public function status($registrationToken, $clientSecret=null) {
+ $data = [];
+ try {
+ /** @var Registration $registration */
+ $registration = $this->registrationService->getRegistrationForToken($registrationToken);
+ if(!$registration->getEmailConfirmed()) {
+ $data = [
+ 'status' => Registration::STATUS_PENDING,
+ 'message' => $this->l10n->t('Your registration is pending. Please confirm your email address.')
+ ];
+ } else {
+ // create account if email confirmed and not already created
+ $user = $this->registrationService->getUserAccount($registration);
+ if($user === null) {
+ $user = $this->registrationService->createAccount($registration);
+ }
+ $this->registrationService->loginUser($user->getUID(), $registration->getUsername(), $registration->getPassword(), true);
+ $appPassword = $this->registrationService->generateAppPassword($user->getUID());
+ if ($clientSecret === $registration->getClientSecret()) {
+ $data = [
+ 'status' => Registration::STATUS_FINISHED,
+ 'appPassword' => $appPassword,
+ 'cloudUrl' => $this->defaults->getBaseUrl()
+ ];
+ $this->registrationService->deleteRegistration($registration);
+ }
+ }
+ return new DataResponse($data, Http::STATUS_OK);
+ } catch (DoesNotExistException $e) {
+ throw new OCSNotFoundException('No pending registration.');
+ }
+ }
+
+ /**
+ * @PublicPage
+ *
+ * @param $username
+ * @param $displayname
+ * @param $email
+ * @param $password
+ * @throws OCSException
+ * @return DataResponse
+ */
+ public function register($username, $displayname, $email, $password) {
+ $data = [];
+ try {
+ $secret = null;
+ $registration = $this->registrationService->validateEmail($email);
+ if($registration === null) {
+ $this->registrationService->validateDisplayname($displayname);
+ $this->registrationService->validateUsername($username);
+ $registration = $this->registrationService->createRegistration($email, $username, $password, $displayname);
+ $this->mailService->sendTokenByMail($registration);
+ $secret = $registration->getClientSecret();
+ } else {
+ $this->registrationService->generateNewToken($registration);
+ $this->mailService->sendTokenByMail($registration);
+ throw new RegistrationException($this->l10n->t('There is already a pending registration with this email, a new verification email has been sent to the address.'));
+ }
+
+ $data['message'] = $this->l10n->t('Your registration is pending. Please confirm your email address.');
+ $data['token'] = $registration->getToken();
+ $data['status'] = Registration::STATUS_PENDING;
+ if($secret !== null) {
+ $data['secret'] = $secret;
+ }
+ return new DataResponse($data, Http::STATUS_OK);
+ } catch (RegistrationException $exception) {
+ throw new OCSException($exception->getMessage());
+ }
+ }
+
+}
\ No newline at end of file
diff --git a/controller/registercontroller.php b/controller/registercontroller.php
index 1770cfc..e69e1c1 100644
--- a/controller/registercontroller.php
+++ b/controller/registercontroller.php
@@ -12,6 +12,8 @@
namespace OCA\Registration\Controller;
+use OCA\Registration\Db\Registration;
+use OCA\Registration\Service\MailService;
use OCA\Registration\Service\RegistrationException;
use OCA\Registration\Service\RegistrationService;
use \OCP\IRequest;
@@ -23,10 +25,14 @@ use \OCP\IL10N;
class RegisterController extends Controller {
+ /** @var IL10N */
private $l10n;
+ /** @var IURLGenerator */
private $urlgenerator;
/** @var RegistrationService */
private $registrationService;
+ /** @var MailService */
+ private $mailService;
public function __construct(
@@ -34,13 +40,14 @@ class RegisterController extends Controller {
IRequest $request,
IL10N $l10n,
IURLGenerator $urlgenerator,
- RegistrationService $registrationService
+ RegistrationService $registrationService,
+ MailService $mailService
){
parent::__construct($appName, $request);
- $this->request = $request;
$this->l10n = $l10n;
$this->urlgenerator = $urlgenerator;
$this->registrationService = $registrationService;
+ $this->mailService = $mailService;
}
/**
@@ -61,19 +68,26 @@ class RegisterController extends Controller {
/**
* @PublicPage
+ *
* @return TemplateResponse
*/
public function validateEmail() {
$email = $this->request->getParam('email');
+
+ if (!$this->registrationService->checkAllowedDomains($email)) {
+ return new TemplateResponse('registration', 'domains', [
+ 'domains' => $this->registrationService->getAllowedDomains()
+ ], 'guest');
+ }
try {
- $validation = $this->registrationService->validateEmail($email);
- if($validation instanceof TemplateResponse) {
- return $validation;
- }
+ $this->registrationService->validateEmail($email);
+ $registration = $this->registrationService->createRegistration($email);
+ $this->mailService->sendTokenByMail($registration);
} catch (RegistrationException $e) {
return $this->renderError($e->getMessage(), $e->getHint());
}
+
return new TemplateResponse('registration', 'message', array('msg' =>
$this->l10n->t('Verification email successfully sent.')
), 'guest');
@@ -88,7 +102,19 @@ class RegisterController extends Controller {
*/
public function verifyToken($token) {
try {
+ /** @var Registration $registration */
$registration = $this->registrationService->verifyToken($token);
+ $this->registrationService->confirmEmail($registration);
+
+ // create account without form if username/password are already stored
+ if ($registration->getUsername() !== "" && $registration->getPassword() !== "") {
+ $this->registrationService->createAccount($registration);
+ return new TemplateResponse('registration', 'message',
+ ['msg' => $this->l10n->t('Your account has been successfully created, you can log in now.', [$this->urlgenerator->getAbsoluteURL('/')])],
+ 'guest'
+ );
+ }
+
return new TemplateResponse('registration', 'form', ['email' => $registration->getEmail(), 'token' => $registration->getToken()], 'guest');
} catch (RegistrationException $exception) {
return $this->renderError($exception->getMessage(), $exception->getHint());
@@ -109,7 +135,7 @@ class RegisterController extends Controller {
$registration = $this->registrationService->getRegistrationForToken($token);
try {
- $this->registrationService->createAccount($token, $username, $password);
+ $this->registrationService->createAccount($registration, $username, $password);
} catch (RegistrationException $exception) {
return $this->renderError($exception->getMessage(), $exception->getHint());
} catch (\InvalidArgumentException $exception) {
diff --git a/db/registration.php b/db/registration.php
index 6798d5f..475a600 100644
--- a/db/registration.php
+++ b/db/registration.php
@@ -27,13 +27,21 @@ use OCP\AppFramework\Db\Entity;
class Registration extends Entity {
+ const STATUS_FINISHED = 0;
+ const STATUS_PENDING = 1;
+
public $id;
protected $email;
+ protected $username;
+ protected $displayname;
+ protected $password;
protected $token;
protected $requested;
- protected $confirmed;
+ protected $emailConfirmed;
+ protected $clientSecret;
public function __construct() {
- $this->addType('confirmed', 'boolean');
+ $this->addType('emailConfirmed', 'boolean');
}
+
}
\ No newline at end of file
diff --git a/db/registrationmapper.php b/db/registrationmapper.php
index 320cf65..21e670a 100644
--- a/db/registrationmapper.php
+++ b/db/registrationmapper.php
@@ -23,6 +23,7 @@
namespace OCA\Registration\Db;
+use OCP\AppFramework\Db\Entity;
use OCP\AppFramework\Db\Mapper;
use OCP\IDBConnection;
use OCP\Security\ISecureRandom;
@@ -37,33 +38,46 @@ class RegistrationMapper extends Mapper {
$this->random = $random;
}
+ /**
+ * @param $token
+ * @return Registration|Entity
+ */
public function findByToken($token) {
return $this->findEntity('SELECT * FROM `*PREFIX*registration` WHERE `token` = ? ', [$token]);
}
- public function findEmailByToken($token) {
- $entity = $this->findByToken($token);
- return $entity->getEmail();
- }
-
+ /**
+ * @param $email
+ * @return Registration|Entity
+ */
public function find($email) {
- $sql = 'SELECT `email` FROM `*PREFIX*registration` WHERE `email` = ? ';
+ $sql = 'SELECT * FROM `*PREFIX*registration` WHERE `email` = ? ';
return $this->findEntity($sql, [$email]);
}
- public function deleteByEmail($email) {
- $entity = $this->findEntity('SELECT * FROM `*PREFIX*registration` WHERE `email` = ?', [$email]);
- return $this->delete($entity);
+ /**
+ * @param Entity $entity
+ * @return Entity
+ */
+ public function insert(Entity $entity) {
+ $entity->setRequested(date('Y-m-d H:i:s'));
+ return parent::insert($entity);
}
- public function save($email) {
+ /**
+ * @param Registration $registration
+ */
+ public function generateNewToken(Registration &$registration) {
$token = $this->random->generate(6, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS);
- $registration = new Registration();
- $registration->setEmail($email);
$registration->setToken($token);
- $registration->setRequested(date('Y-m-d H:i:s'));
- return $this->insert($registration);
+ }
+ /**
+ * @param Registration $registration
+ */
+ public function generateClientSecret(Registration &$registration) {
+ $token = $this->random->generate(32, ISecureRandom::CHAR_HUMAN_READABLE);
+ $registration->setClientSecret($token);
}
}
\ No newline at end of file
diff --git a/service/mailservice.php b/service/mailservice.php
new file mode 100644
index 0000000..0b23008
--- /dev/null
+++ b/service/mailservice.php
@@ -0,0 +1,143 @@
+
+ *
+ * @author Julius Härtl
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see .
+ *
+ */
+
+namespace OCA\Registration\Service;
+
+use OCA\Registration\Db\Registration;
+use OCP\AppFramework\Http\TemplateResponse;
+use OCP\Defaults;
+use OCP\IConfig;
+use OCP\IGroupManager;
+use OCP\IL10N;
+use OCP\ILogger;
+use OCP\IURLGenerator;
+use OCP\Mail\IMailer;
+use OCP\Util;
+
+class MailService {
+
+ /** @var IURLGenerator */
+ private $urlGenerator;
+ /** @var IMailer */
+ private $mailer;
+ /** @var Defaults */
+ private $defaults;
+ /** @var IL10N */
+ private $l10n;
+ /** @var IConfig */
+ private $config;
+ /** @var IGroupManager */
+ private $groupManager;
+ /** @var ILogger */
+ private $logger;
+
+ public function __construct(IURLGenerator $urlGenerator, IMailer $mailer, Defaults $defaults, IL10N $l10n, IConfig $config, IGroupManager $groupManager, ILogger $logger) {
+ $this->urlGenerator = $urlGenerator;
+ $this->mailer = $mailer;
+ $this->defaults = $defaults;
+ $this->l10n = $l10n;
+ $this->config = $config;
+ $this->groupManager = $groupManager;
+ $this->logger = $logger;
+ }
+
+ public function validateEmail($email) {
+ if ( !$this->mailer->validateMailAddress($email) ) {
+ throw new RegistrationException($this->l10n->t('The email address you entered is not valid'));
+ }
+ }
+
+ public function sendTokenByMail(Registration $registration) {
+ return true;
+ $link = $this->urlGenerator->linkToRoute('registration.register.verifyToken', array('token' => $registration->getToken()));
+ $link = $this->urlGenerator->getAbsoluteURL($link);
+ $template_var = [
+ 'link' => $link,
+ 'sitename' => $this->defaults->getName()
+ ];
+ $html_template = new TemplateResponse('registration', 'email.validate_html', $template_var, 'blank');
+ $html_part = $html_template->render();
+ $plaintext_template = new TemplateResponse('registration', 'email.validate_plaintext', $template_var, 'blank');
+ $plaintext_part = $plaintext_template->render();
+ $subject = $this->l10n->t('Verify your %s registration request', [$this->defaults->getName()]);
+
+ $from = Util::getDefaultEmailAddress('register');
+ $message = $this->mailer->createMessage();
+ $message->setFrom([$from => $this->defaults->getName()]);
+ $message->setTo([$registration->getEmail()]);
+ $message->setSubject($subject);
+ $message->setPlainBody($plaintext_part);
+ $message->setHtmlBody($html_part);
+ $failed_recipients = $this->mailer->send($message);
+ if ( !empty($failed_recipients) ) {
+ throw new RegistrationException($this->l10n->t('A problem occurred sending email, please contact your administrator.'));
+ }
+ }
+
+ public function notifyAdmins($userId) {
+ // Notify admin
+ $admin_users = $this->groupManager->get('admin')->getUsers();
+ $to_arr = array();
+ foreach ( $admin_users as $au ) {
+ $au_email = $this->config->getUserValue($au->getUID(), 'settings', 'email');
+ if ( $au_email !== '' ) {
+ $to_arr[$au_email] = $au->getDisplayName();
+ }
+ }
+ try {
+ $this->sendNewUserNotifEmail($to_arr, $userId);
+ } catch (\Exception $e) {
+ $this->logger->error('Sending admin notification email failed: '. $e->getMessage());
+ }
+ }
+
+ /**
+ * Sends new user notification email to admin
+ * @param array $to
+ * @param string $username the new user
+ * @throws \Exception
+ */
+ private function sendNewUserNotifEmail(array $to, $username) {
+ $template_var = [
+ 'user' => $username,
+ 'sitename' => $this->defaults->getName()
+ ];
+ $html_template = new TemplateResponse('registration', 'email.newuser_html', $template_var, 'blank');
+ $html_part = $html_template->render();
+ $plaintext_template = new TemplateResponse('registration', 'email.newuser_plaintext', $template_var, 'blank');
+ $plaintext_part = $plaintext_template->render();
+ $subject = $this->l10n->t('A new user "%s" has created an account on %s', [$username, $this->defaults->getName()]);
+
+ $from = Util::getDefaultEmailAddress('register');
+ $message = $this->mailer->createMessage();
+ $message->setFrom([$from => $this->defaults->getName()]);
+ $message->setTo($to);
+ $message->setSubject($subject);
+ $message->setPlainBody($plaintext_part);
+ $message->setHtmlBody($html_part);
+ $failed_recipients = $this->mailer->send($message);
+ if ( !empty($failed_recipients) )
+ throw new RegistrationException('Failed recipients: '.print_r($failed_recipients, true));
+ }
+
+}
\ No newline at end of file
diff --git a/service/registrationservice.php b/service/registrationservice.php
index 1c90ae2..1dba483 100644
--- a/service/registrationservice.php
+++ b/service/registrationservice.php
@@ -23,6 +23,11 @@
namespace OCA\Registration\Service;
+use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\PasswordlessTokenException;
+use OC\Authentication\Token\IProvider;
+use OC\Authentication\Token\IToken;
+use OCA\Registration\Db\Registration;
use OCA\Registration\Db\RegistrationMapper;
use OCP\AppFramework\Db\DoesNotExistException;
use \OCP\AppFramework\Http\TemplateResponse;
@@ -30,22 +35,25 @@ use \OCP\AppFramework\Http\RedirectResponse;
use \OCP\Defaults;
use OCP\ILogger;
use OCP\IRequest;
+use OCP\ISession;
use OCP\IURLGenerator;
-use \OCP\Util;
+use OCP\Security\ICrypto;
+use OCP\Session\Exceptions\SessionNotAvailableException;
use \OCP\IUserManager;
use \OCP\IUserSession;
use \OCP\IGroupManager;
use \OCP\IL10N;
use \OCP\IConfig;
-use \OCP\Mail\IMailer;
use \OCP\Security\ISecureRandom;
use \OC_User;
use \OC_Util;
class RegistrationService {
- /** @var IMailer */
- private $mailer;
+ /** @var string */
+ private $appName;
+ /** @var MailService */
+ private $mailService;
/** @var IL10N */
private $l10n;
/** @var IURLGenerator */
@@ -64,17 +72,22 @@ class RegistrationService {
private $random;
/** @var IUserSession */
private $usersession;
- /** @var string */
- private $appName;
/** @var IRequest */
private $request;
/** @var ILogger */
private $logger;
+ /** @var ISession */
+ private $session;
+ /** @var IProvider */
+ private $tokenProvider;
+ /** @var ICrypto */
+ private $crypto;
- public function __construct($appName, IMailer $mailer, IL10N $l10n, IURLGenerator $urlGenerator,
+ public function __construct($appName, MailService $mailService, IL10N $l10n, IURLGenerator $urlGenerator,
RegistrationMapper $registrationMapper, IUserManager $userManager, IConfig $config, IGroupManager $groupManager, Defaults $defaults,
- ISecureRandom $random, IUserSession $us, IRequest $request, ILogger $logger){
- $this->mailer = $mailer;
+ ISecureRandom $random, IUserSession $us, IRequest $request, ILogger $logger, ISession $session, IProvider $tokenProvider, ICrypto $crypto){
+ $this->appName = $appName;
+ $this->mailService = $mailService;
$this->l10n = $l10n;
$this->urlGenerator = $urlGenerator;
$this->registrationMapper = $registrationMapper;
@@ -84,29 +97,60 @@ class RegistrationService {
$this->defaults = $defaults;
$this->random = $random;
$this->usersession = $us;
- $this->appName = $appName;
$this->request = $request;
$this->logger = $logger;
+ $this->session = $session;
+ $this->tokenProvider = $tokenProvider;
+ $this->crypto = $crypto;
}
+ public function confirmEmail(Registration &$registration) {
+ $registration->setEmailConfirmed(true);
+ $this->registrationMapper->update($registration);
+ }
+ /**
+ * @param Registration $registration
+ */
+ public function generateNewToken(Registration &$registration) {
+ $this->registrationMapper->generateNewToken($registration);
+ $this->registrationMapper->update($registration);
+ }
+ /**
+ * @param $email
+ * @param string $username
+ * @param string $password
+ * @param string $displayname
+ * @return Registration
+ */
+ public function createRegistration($email, $username="", $password="", $displayname="") {
+ $registration = new Registration();
+ $registration->setEmail($email);
+ $registration->setUsername($username);
+ $registration->setDisplayname();
+ if($password !== "") {
+ $password = $this->crypto->encrypt($password);
+ $registration->setPassword($password);
+ }
+ $this->registrationMapper->generateNewToken($registration);
+ $this->registrationMapper->generateClientSecret($registration);
+ $this->registrationMapper->insert($registration);
+ return $registration;
+ }
+
+ /**
+ * @param $email
+ * @return Registration
+ * @throws RegistrationException
+ */
public function validateEmail($email) {
- if ( !$this->mailer->validateMailAddress($email) ) {
- throw new RegistrationException($this->l10n->t('The email address you entered is not valid'));
- }
+ $this->mailService->validateEmail($email);
+ // check for pending registrations
try {
- $registration = $this->registrationMapper->find($email);
- } catch (\Exception $e) {
- $registration = null;
- }
- // check if email already tried to register
- if ( $registration !== null) {
- $this->registrationMapper->delete($registration);
- $this->generateToken($email);
- throw new RegistrationException($this->l10n->t('There is already a pending registration with this email, a new verification email has been sent to the address.'));
- }
+ return $this->registrationMapper->find($email);
+ } catch (\Exception $e) {}
if ( $this->config->getUsersForUserValue('settings', 'email', $email) ) {
throw new RegistrationException(
@@ -115,32 +159,34 @@ class RegistrationService {
);
}
- // allow only from specific email domain}
if (!$this->checkAllowedDomains($email)) {
- $allowed_domains = $this->config->getAppValue($this->appName, 'allowed_domains', '');
- $allowed_domains = explode(';', $allowed_domains);
- return new TemplateResponse('registration', 'domains', [
- 'domains' => $allowed_domains
- ], 'guest');
+ throw new RegistrationException(
+ $this->l10n->t(
+ 'Registration is only allowed for the following domains: ' .
+ $this->config->getAppValue($this->appName, 'allowed_domains', '')
+ )
+ );
}
-
- $this->generateToken($email);
-
return null;
-
}
- public function generateToken($email) {
- try {
- $registration = $this->registrationMapper->find($email);
- $this->registrationMapper->delete($registration);
- } catch (\Exception $exception) {}
- $registration = $this->registrationMapper->save($email);
+ /**
+ * @param $displayname
+ * @throws RegistrationException
+ */
+ public function validateDisplayname($displayname) {
+ if($displayname === "") {
+ throw new RegistrationException($this->l10n->t('Please provide a valid display name.'));
+ }
+ }
- try {
- $this->sendValidationEmail($registration->getToken(), $email);
- } catch (\Exception $e) {
- throw new RegistrationException($this->l10n->t('A problem occurred sending email, please contact your administrator.'));
+ /**
+ * @param $username
+ * @throws RegistrationException
+ */
+ public function validateUsername($username) {
+ if($username === "" || $this->userManager->get($username) !== null) {
+ throw new RegistrationException($this->l10n->t('Please provide a valid user name.'));
}
}
@@ -169,6 +215,17 @@ class RegistrationService {
}
/**
+ * @return array
+ */
+ public function getAllowedDomains() {
+ $allowed_domains = $this->config->getAppValue($this->appName, 'allowed_domains', '');
+ $allowed_domains = explode(';', $allowed_domains);
+ return $allowed_domains;
+ }
+
+ /**
+ * Find registration entity for token
+ *
* @param $token
* @return string
* @throws RegistrationException
@@ -181,11 +238,25 @@ class RegistrationService {
}
}
+ /**
+ * @param $registration
+ * @param null $username
+ * @param null $password
+ * @return \OCP\IUser
+ * @throws RegistrationException
+ */
+ public function createAccount(Registration &$registration, $username = null, $password = null) {
+ if($password === null && $registration->getPassword() === null) {
+ $generatedPassword = $this->generateRandomDeviceToken();
+ $registration->setPassword($this->crypto->encrypt($generatedPassword));
+ }
- public function createAccount($token, $username, $password) {
- $email = $this->registrationMapper->findEmailByToken($token);
- if ( $email === false ) {
- throw new RegistrationException($this->l10n->t('Invalid verification URL. No registration request with this verification URL is found.'));
+ if ($username === null) {
+ $username = $registration->getUsername();
+ }
+
+ if($registration->getPassword() !== null) {
+ $password = $this->crypto->decrypt($registration->getPassword());
}
$user = $this->userManager->createUser($username, $password);
@@ -195,7 +266,7 @@ class RegistrationService {
$userId = $user->getUID();
// Set user email
try {
- $this->config->setUserValue($userId, 'settings', 'email', $email);
+ $this->config->setUserValue($userId, 'settings', 'email', $registration->getEmail());
} catch (\Exception $e) {
throw new RegistrationException($this->l10n->t('Unable to set user email: ' . $e->getMessage()));
}
@@ -211,19 +282,98 @@ class RegistrationService {
}
}
- // Delete pending reg request
- $res = $this->registrationMapper->deleteByEmail($email);
- if ($res === false) {
- throw new RegistrationException($this->l10n->t('Failed to delete pending registration request'));
+ // Delete pending registration if no client secret is stored
+ if($registration->getClientSecret() === null) {
+ $res = $this->registrationMapper->delete($registration);
+ if ($res === false) {
+ throw new RegistrationException($this->l10n->t('Failed to delete pending registration request'));
+ }
}
- $this->notifyAdmins($userId);
-
- $this->loginUser($userId, $username, $password);
-
+ $this->mailService->notifyAdmins($userId);
+ return $user;
}
- public function loginUser($userId, $username, $password) {
+ /**
+ * @param $token
+ * @return Registration
+ */
+ public function getRegistrationForToken($token) {
+ return $this->registrationMapper->findByToken($token);
+ }
+
+ /**
+ * @param Registration $registation
+ * @return null|\OCP\IUser
+ */
+ public function getUserAccount(Registration $registation) {
+ $user = $this->userManager->get($registation->getUsername());
+ return $user;
+ }
+
+ /**
+ * @param Registration $registration
+ */
+ public function deleteRegistration(Registration $registration) {
+ $this->registrationMapper->delete($registration);
+ }
+
+ /**
+ * Return a 25 digit device password
+ *
+ * Example: AbCdE-fGhIj-KlMnO-pQrSt-12345
+ *
+ * @return string
+ */
+ private function generateRandomDeviceToken() {
+ $groups = [];
+ for ($i = 0; $i < 5; $i++) {
+ $groups[] = $this->random->generate(5, ISecureRandom::CHAR_HUMAN_READABLE);
+ }
+ return implode('-', $groups);
+ }
+
+ /**
+ * @param $uid
+ * @return string
+ * @throws RegistrationException
+ */
+ public function generateAppPassword($uid) {
+ $name = $this->l10n->t('Registration app auto setup');
+ try {
+ $sessionId = $this->session->getId();
+ } catch (SessionNotAvailableException $ex) {
+ throw new RegistrationException('Failed to generate an app token.');
+ }
+
+ try {
+ $sessionToken = $this->tokenProvider->getToken($sessionId);
+ $loginName = $sessionToken->getLoginName();
+ try {
+ $password = $this->tokenProvider->getPassword($sessionToken, $sessionId);
+ } catch (PasswordlessTokenException $ex) {
+ $password = null;
+ }
+ } catch (InvalidTokenException $ex) {
+ throw new RegistrationException('Failed to generate an app token.');
+ }
+
+ $token = $this->generateRandomDeviceToken();
+ $this->tokenProvider->generateToken($token, $uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN);
+ return $token;
+ }
+
+ /**
+ * @param $userId
+ * @param $username
+ * @param $password
+ * @param $decrypt
+ * @return RedirectResponse|TemplateResponse
+ */
+ public function loginUser($userId, $username, $password, $decrypt = false) {
+ if ($decrypt) {
+ $password = $this->crypto->decrypt($password);
+ }
if ( method_exists($this->usersession, 'createSessionToken') ) {
$this->usersession->login($username, $password);
$this->usersession->createSessionToken($this->request, $userId, $username, $password);
@@ -244,83 +394,6 @@ class RegistrationService {
}
- public function notifyAdmins($userId) {
- // Notify admin
- $admin_users = $this->groupManager->get('admin')->getUsers();
- $to_arr = array();
- foreach ( $admin_users as $au ) {
- $au_email = $this->config->getUserValue($au->getUID(), 'settings', 'email');
- if ( $au_email !== '' ) {
- $to_arr[$au_email] = $au->getDisplayName();
- }
- }
- try {
- $this->sendNewUserNotifEmail($to_arr, $userId);
- } catch (\Exception $e) {
- $this->logger->error('Sending admin notification email failed: '. $e->getMessage());
- }
- }
-
- /**
- * Sends validation email
- * @param string $token
- * @param string $to
- * @throws \Exception
- */
- private function sendValidationEmail($token, $to) {
- $link = $this->urlGenerator->linkToRoute('registration.register.verifyToken', array('token' => $token));
- $link = $this->urlGenerator->getAbsoluteURL($link);
- $template_var = [
- 'link' => $link,
- 'sitename' => $this->defaults->getName()
- ];
- $html_template = new TemplateResponse('registration', 'email.validate_html', $template_var, 'blank');
- $html_part = $html_template->render();
- $plaintext_template = new TemplateResponse('registration', 'email.validate_plaintext', $template_var, 'blank');
- $plaintext_part = $plaintext_template->render();
- $subject = $this->l10n->t('Verify your %s registration request', [$this->defaults->getName()]);
-
- $from = Util::getDefaultEmailAddress('register');
- $message = $this->mailer->createMessage();
- $message->setFrom([$from => $this->defaults->getName()]);
- $message->setTo([$to]);
- $message->setSubject($subject);
- $message->setPlainBody($plaintext_part);
- $message->setHtmlBody($html_part);
- $failed_recipients = $this->mailer->send($message);
- if ( !empty($failed_recipients) )
- throw new RegistrationException('Failed recipients: '.print_r($failed_recipients, true));
- }
-
- /**
- * Sends new user notification email to admin
- * @param array $to
- * @param string $username the new user
- * @throws \Exception
- */
- private function sendNewUserNotifEmail(array $to, $username) {
- $template_var = [
- 'user' => $username,
- 'sitename' => $this->defaults->getName()
- ];
- $html_template = new TemplateResponse('registration', 'email.newuser_html', $template_var, 'blank');
- $html_part = $html_template->render();
- $plaintext_template = new TemplateResponse('registration', 'email.newuser_plaintext', $template_var, 'blank');
- $plaintext_part = $plaintext_template->render();
- $subject = $this->l10n->t('A new user "%s" has created an account on %s', [$username, $this->defaults->getName()]);
-
- $from = Util::getDefaultEmailAddress('register');
- $message = $this->mailer->createMessage();
- $message->setFrom([$from => $this->defaults->getName()]);
- $message->setTo($to);
- $message->setSubject($subject);
- $message->setPlainBody($plaintext_part);
- $message->setHtmlBody($html_part);
- $failed_recipients = $this->mailer->send($message);
- if ( !empty($failed_recipients) )
- throw new RegistrationException('Failed recipients: '.print_r($failed_recipients, true));
- }
-
/**
* Replicates OC::cleanupLoginTokens() since it's protected
* @param string $userId
@@ -336,7 +409,4 @@ class RegistrationService {
}
}
- public function getRegistrationForToken($token) {
- return $this->registrationMapper->findByToken($token);
- }
}