├── img ├── screenshot.png └── app-dark.svg ├── appinfo ├── app.php ├── info.xml └── routes.php ├── lib ├── Model │ ├── Group.php │ └── User.php ├── Constant │ ├── App.php │ ├── Opt.php │ ├── Query.php │ └── DB.php ├── Action │ ├── IUserAction.php │ ├── QuotaSync.php │ ├── EmailSync.php │ └── NameSync.php ├── Crypto │ ├── MyBB.php │ ├── MD5MD5Salt.php │ ├── Redmine.php │ ├── Param │ │ ├── ChoiceParam.php │ │ ├── CryptoParam.php │ │ └── IntParam.php │ ├── MD5.php │ ├── SHA1.php │ ├── Cleartext.php │ ├── SHA256.php │ ├── SHA512.php │ ├── Whirlpool.php │ ├── CryptStandardDES.php │ ├── CryptMD5.php │ ├── CourierMD5Raw.php │ ├── CourierMD5.php │ ├── CourierSHA1.php │ ├── SHA512Whirlpool.php │ ├── CourierSHA256.php │ ├── Crypt.php │ ├── WCF2.php │ ├── SSHA256.php │ ├── SSHA512.php │ ├── Drupal7.php │ ├── AbstractCrypt.php │ ├── Utils.php │ ├── CryptSHA256.php │ ├── CryptSHA512.php │ ├── HashHmac.php │ ├── Joomla.php │ ├── AbstractAlgorithm.php │ ├── IPasswordAlgorithm.php │ ├── CryptBlowfish.php │ ├── CryptExtendedDES.php │ ├── SSHA.php │ ├── CryptArgon2.php │ ├── CryptArgon2id.php │ └── Phpass.php ├── Platform │ ├── PlatformFactory.php │ ├── MySQLPlatform.php │ ├── PostgreSQLPlatform.php │ └── AbstractPlatform.php ├── AppInfo │ └── Application.php ├── Settings │ ├── Admin.php │ └── Section.php ├── Cache.php └── Repository │ ├── GroupRepository.php │ └── UserRepository.php ├── css └── settings.css ├── tests └── Crypto │ ├── CleartextTest.php │ ├── HashHmacTest.php │ ├── MD5Test.php │ ├── CryptExtendedDESTest.php │ ├── CryptStandardDESTest.php │ ├── SHA1Test.php │ ├── PhpassTest.php │ ├── CourierMD5Test.php │ ├── CryptMD5Test.php │ ├── CourierSHA1Test.php │ ├── Drupal7Test.php │ ├── SHA256Test.php │ ├── RedmineTest.php │ ├── WCF2Test.php │ ├── CourierMD5RawTest.php │ ├── CryptTest.php │ ├── JoomlaTest.php │ ├── CourierSHA256Test.php │ ├── CryptBlowfishTest.php │ ├── CryptSHA256Test.php │ ├── SSHA256Test.php │ ├── CryptArgon2Test.php │ ├── SHA512Test.php │ ├── CryptArgon2idTest.php │ ├── SSHA512Test.php │ ├── CryptSHA512Test.php │ ├── WhirlpoolTest.php │ └── SHA512WhirlpoolTest.php └── CHANGELOG.md /img/screenshot.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/nextcloud/user_sql/HEAD/img/screenshot.png -------------------------------------------------------------------------------- /appinfo/app.php: -------------------------------------------------------------------------------- 1 | 6 | * @copyright 2018 Marcin Łojewski 7 | * @author Marcin Łojewski 8 | * 9 | * This program is free software: you can redistribute it and/or modify 10 | * it under the terms of the GNU Affero General Public License as 11 | * published by the Free Software Foundation, either version 3 of the 12 | * License, or (at your option) any later version. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU Affero General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public License 20 | * along with this program. If not, see . 21 | */ 22 | 23 | use OCA\UserSQL\AppInfo\Application; 24 | use OCP\AppFramework\QueryException; 25 | 26 | try { 27 | $app = new Application(); 28 | $app->registerBackends(); 29 | } catch (QueryException $queryException) { 30 | OC::$server->getLogger()->logException($queryException); 31 | } 32 | -------------------------------------------------------------------------------- /appinfo/info.xml: -------------------------------------------------------------------------------- 1 | 2 | 3 | user_sql 4 | User and Group SQL Backends 5 | Control users and groups by SQL queries 6 | 7 | Use external database as a source for Nextcloud users and groups. 8 | Retrieve the users and groups info. Allow the users to change their passwords. 9 | Sync the users' email addresses with the addresses stored by Nextcloud. 10 | 11 | 4.7.1 12 | agpl 13 | Marcin Łojewski 14 | Andreas Böhler 15 | UserSQL 16 | https://github.com/nextcloud/user_sql/issues 17 | https://github.com/nextcloud/user_sql 18 | https://raw.githubusercontent.com/nextcloud/user_sql/master/img/screenshot.png 19 | 20 | 21 | 22 | auth 23 | 24 | 25 | 26 | 27 | 28 | \OCA\UserSQL\Settings\Admin 29 | OCA\UserSQL\Settings\Section 30 | 31 | 32 | -------------------------------------------------------------------------------- /lib/Model/Group.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Model; 23 | 24 | /** 25 | * The group entity. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | class Group 30 | { 31 | /** 32 | * @var string The GID (group name). 33 | */ 34 | public $gid; 35 | /** 36 | * @var string The group's display name. 37 | */ 38 | public $name; 39 | /** 40 | * @var bool Whether it is an admin group. 41 | */ 42 | public $admin; 43 | } 44 | -------------------------------------------------------------------------------- /lib/Constant/App.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Constant; 23 | 24 | /** 25 | * The application constants. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | final class App 30 | { 31 | const FALSE_VALUE = "0"; 32 | const TRUE_VALUE = "1"; 33 | 34 | const HOME_QUERY = "query"; 35 | const HOME_STATIC = "static"; 36 | 37 | const SYNC_FORCE_NC = "force_nc"; 38 | const SYNC_FORCE_SQL = "force_sql"; 39 | const SYNC_INITIAL = "initial"; 40 | } 41 | -------------------------------------------------------------------------------- /lib/Action/IUserAction.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Action; 23 | 24 | use OCA\UserSQL\Model\User; 25 | 26 | /** 27 | * Action to execute every time an user account is queried. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | interface IUserAction 32 | { 33 | /** 34 | * Execute an action. 35 | * 36 | * @param User $user The user entity. 37 | * 38 | * @return bool The action status. 39 | */ 40 | public function doAction(User $user); 41 | } 42 | -------------------------------------------------------------------------------- /img/app-dark.svg: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /lib/Crypto/MyBB.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * MyBB hash implementation. 26 | * 27 | * @author Sebijk 28 | */ 29 | class MyBB extends AbstractAlgorithm 30 | { 31 | /** 32 | * @inheritdoc 33 | */ 34 | public function getPasswordHash($password, $salt = null) 35 | { 36 | if (is_null($salt)) { 37 | return false; 38 | } 39 | return md5(md5($salt).md5($password)); 40 | } 41 | 42 | /** 43 | * @inheritdoc 44 | */ 45 | protected function getAlgorithmName() 46 | { 47 | return "MyBB"; 48 | } 49 | } -------------------------------------------------------------------------------- /lib/Crypto/MD5MD5Salt.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * MD5(MD5+salt) hash implementation. 26 | * 27 | * @author Sebijk (b1gMail.eu) 28 | */ 29 | class MD5MD5Salt extends AbstractAlgorithm 30 | { 31 | /** 32 | * @inheritdoc 33 | */ 34 | public function getPasswordHash($password, $salt = null) 35 | { 36 | if (is_null($salt)) { 37 | return false; 38 | } 39 | 40 | return md5(md5($password).$salt); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | protected function getAlgorithmName() 47 | { 48 | return "MD5 (MD5+Salt)"; 49 | } 50 | } -------------------------------------------------------------------------------- /lib/Crypto/Redmine.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * Redmine MD5 hash implementation. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | class Redmine extends AbstractAlgorithm 30 | { 31 | /** 32 | * @inheritdoc 33 | */ 34 | public function getPasswordHash($password, $salt = null) 35 | { 36 | if (is_null($salt)) { 37 | return false; 38 | } 39 | 40 | return sha1($salt . sha1($password)); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | protected function getAlgorithmName() 47 | { 48 | return "Redmine"; 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /css/settings.css: -------------------------------------------------------------------------------- 1 | #user_sql .main { 2 | overflow: auto; 3 | } 4 | 5 | #user_sql .main > div { 6 | float: left; 7 | width: 380px; 8 | } 9 | 10 | #user_sql .main div > label > span { 11 | display: inline-block; 12 | overflow: hidden; 13 | text-overflow: ellipsis; 14 | vertical-align: middle; 15 | white-space: nowrap; 16 | width: 120px; 17 | } 18 | 19 | #user_sql .main div > label > input, 20 | #user_sql .main div > label > select { 21 | width: 257px; 22 | } 23 | 24 | #user_sql .main div > input[type="checkbox"] { 25 | min-height: auto; 26 | } 27 | 28 | #user_sql .main .button-right { 29 | overflow: auto; 30 | } 31 | 32 | #user_sql .main .button-right > input[type="submit"] { 33 | float: right; 34 | } 35 | 36 | #user_sql .main .inner-fieldset { 37 | border-bottom: 1px solid var(--color-border); 38 | border-top: 1px solid var(--color-border); 39 | margin: 8px 0; 40 | padding: 8px 0 8px 16px; 41 | } 42 | 43 | #user_sql .msg { 44 | left: 0; 45 | padding: 3px; 46 | position: fixed; 47 | text-align: center; 48 | width: 100%; 49 | z-index: 100; 50 | } 51 | 52 | #user_sql .msg.error { 53 | background-color: var(--color-error); 54 | color: var(--color-primary-text); 55 | } 56 | 57 | #user_sql .msg.success { 58 | background-color: var(--color-success); 59 | color: var(--color-primary-text); 60 | } 61 | 62 | #user_sql .msg.waiting { 63 | background-color: var(--color-warning); 64 | color: var(--color-primary-text); 65 | } 66 | 67 | #user_sql .loading { 68 | display: inline-block; 69 | height: 32px; 70 | margin: 5px 0; 71 | width: 32px; 72 | } 73 | -------------------------------------------------------------------------------- /lib/Crypto/Param/ChoiceParam.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto\Param; 23 | 24 | /** 25 | * A choice parameter of a hash algorithm. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | class ChoiceParam extends CryptoParam 30 | { 31 | const TYPE = "choice"; 32 | 33 | /** 34 | * @var array Available choices. 35 | */ 36 | public $choices; 37 | 38 | /** 39 | * Class constructor. 40 | * 41 | * @param $name string Parameter name. 42 | * @param $value mixed Parameter default value. 43 | * @param $choices array Available choices. 44 | */ 45 | public function __construct($name, $value = null, $choices = []) 46 | { 47 | parent::__construct(self::TYPE, $name, $value); 48 | $this->choices = $choices; 49 | } 50 | } 51 | -------------------------------------------------------------------------------- /lib/Crypto/MD5.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * MD5 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class MD5 extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return md5($password); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "MD5"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/SHA1.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * SHA-1 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class SHA1 extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return sha1($password); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "SHA-1"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/Cleartext.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Cleartext password implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class Cleartext extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return $password; 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "Cleartext"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/SHA256.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * SHA-256 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class SHA256 extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return hash('sha256', $password); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "SHA-256"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/SHA512.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * SHA-512 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class SHA512 extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return hash('sha512', $password); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "SHA-512"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/Whirlpool.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Whirlpool hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class Whirlpool extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return hash('whirlpool', $password); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "Whirlpool"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/CryptStandardDES.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Standard DES Crypt hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class CryptStandardDES extends AbstractCrypt 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | protected function getSalt() 47 | { 48 | return Utils::randomString(2, self::SALT_ALPHABET); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "Standard DES (Crypt)"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/CryptMD5.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * MD5 Crypt hash implementation. 28 | * 29 | * @see crypt() 30 | * @author Marcin Łojewski 31 | */ 32 | class CryptMD5 extends AbstractCrypt 33 | { 34 | /** 35 | * The class constructor. 36 | * 37 | * @param IL10N $localization The localization service. 38 | */ 39 | public function __construct(IL10N $localization) 40 | { 41 | parent::__construct($localization); 42 | } 43 | 44 | /** 45 | * @inheritdoc 46 | */ 47 | protected function getSalt() 48 | { 49 | return "$1$" . Utils::randomString(8, self::SALT_ALPHABET) . "$"; 50 | } 51 | 52 | /** 53 | * @inheritdoc 54 | */ 55 | protected function getAlgorithmName() 56 | { 57 | return "MD5 (Crypt)"; 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /lib/Crypto/CourierMD5Raw.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Courier MD5 RAW hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class CourierMD5Raw extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return '{MD5RAW}' . md5($password); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "Courier hexadecimal MD5"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/CourierMD5.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Courier MD5 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class CourierMD5 extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return '{MD5}' . Utils::hexToBase64(md5($password)); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "Courier base64-encoded MD5"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/CourierSHA1.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Courier SHA1 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class CourierSHA1 extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return '{SHA}' . Utils::hexToBase64(sha1($password)); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "Courier base64-encoded SHA1"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/SHA512Whirlpool.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * SHA-512 Whirlpool hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class SHA512Whirlpool extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return hash('sha512', hash('whirlpool', $password)); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "SHA-512 Whirlpool"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/Param/CryptoParam.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto\Param; 23 | 24 | /** 25 | * A parameter of a hash algorithm. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | class CryptoParam 30 | { 31 | /** 32 | * @var string Type name used in JS. 33 | */ 34 | public $type; 35 | /** 36 | * @var string Parameter name. 37 | */ 38 | public $name; 39 | /** 40 | * @var mixed Parameter default value. 41 | */ 42 | public $value; 43 | 44 | /** 45 | * Class constructor. 46 | * 47 | * @param $type string Type name used in JS. 48 | * @param $name string Parameter name. 49 | * @param $value mixed Parameter default value. 50 | */ 51 | public function __construct($type, $name, $value = null) 52 | { 53 | $this->type = $type; 54 | $this->name = $name; 55 | $this->value = $value; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /lib/Crypto/CourierSHA256.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Courier SHA256 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class CourierSHA256 extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | return '{SHA256}' . Utils::hexToBase64(hash('sha256', $password)); 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getAlgorithmName() 55 | { 56 | return "Courier base64-encoded SHA256"; 57 | } 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/Param/IntParam.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto\Param; 23 | 24 | /** 25 | * An integer parameter of a hash algorithm. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | class IntParam extends CryptoParam 30 | { 31 | const TYPE = "int"; 32 | 33 | /** 34 | * @var int Minimal value for parameter. 35 | */ 36 | public $min; 37 | /** 38 | * @var int Maximum value for parameter. 39 | */ 40 | public $max; 41 | 42 | /** 43 | * Class constructor. 44 | * 45 | * @param $name string Parameter name. 46 | * @param $value int Parameter default value. 47 | * @param $min int Minimal value for parameter. 48 | * @param $max int Maximum value for parameter. 49 | */ 50 | public function __construct($name, $value = null, $min = null, $max = null) 51 | { 52 | parent::__construct(self::TYPE, $name, $value); 53 | $this->min = $min; 54 | $this->max = $max; 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /tests/Crypto/CleartextTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Cleartext; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class Cleartext. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CleartextTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue($this->crypto->checkPassword("password", "password")); 44 | } 45 | 46 | public function testPasswordHash() 47 | { 48 | $hash = $this->crypto->getPasswordHash("password"); 49 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 50 | } 51 | 52 | protected function setUp(): void 53 | { 54 | parent::setUp(); 55 | $this->crypto = new Cleartext($this->createMock(IL10N::class)); 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /lib/Platform/PlatformFactory.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Platform; 23 | 24 | use OC\DB\Connection; 25 | 26 | /** 27 | * Factory for the database platform class instance. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class PlatformFactory 32 | { 33 | /** 34 | * Get the database platform. 35 | * 36 | * @param Connection $connection The database connection. 37 | * 38 | * @return AbstractPlatform The database platform. 39 | */ 40 | public static function getPlatform(Connection $connection) 41 | { 42 | switch ($connection->getDriver()->getName()) { 43 | case "pdo_mysql": 44 | return new MySQLPlatform($connection); 45 | case "pdo_pgsql": 46 | return new PostgreSQLPlatform($connection); 47 | default: 48 | throw new \InvalidArgumentException( 49 | "Unknown database driver: " . $connection->getDriver()->getName( 50 | ) 51 | ); 52 | } 53 | } 54 | } 55 | -------------------------------------------------------------------------------- /lib/Crypto/Crypt.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Unix Crypt hash implementation. 28 | * 29 | * @see crypt() 30 | * @author Marcin Łojewski 31 | */ 32 | class Crypt extends AbstractCrypt 33 | { 34 | /** 35 | * The class constructor. 36 | * 37 | * @param IL10N $localization The localization service. 38 | */ 39 | public function __construct(IL10N $localization) 40 | { 41 | parent::__construct($localization); 42 | } 43 | 44 | /** 45 | * @inheritdoc 46 | */ 47 | public function getPasswordHash($password, $salt = null) 48 | { 49 | return password_hash($password, PASSWORD_DEFAULT); 50 | } 51 | 52 | /** 53 | * @inheritdoc 54 | */ 55 | protected function getAlgorithmName() 56 | { 57 | return "Unix (Crypt)"; 58 | } 59 | 60 | /** 61 | * Not used. 62 | */ 63 | protected function getSalt() 64 | { 65 | return null; 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /tests/Crypto/HashHmacTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\HashHmac; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class HashHmac. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class HashHmacTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue($this->crypto->checkPassword("password", "ba4f8624f0a4d1f2a3991f4d88cd9afb604dac20")); 44 | } 45 | 46 | public function testPasswordHash() 47 | { 48 | $hash = $this->crypto->getPasswordHash("password"); 49 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 50 | } 51 | 52 | protected function setUp(): void 53 | { 54 | parent::setUp(); 55 | $this->crypto = new HashHmac($this->createMock(IL10N::class)); 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /lib/Crypto/WCF2.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * WCF2 hash implementation. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | class WCF2 extends AbstractCrypt 30 | { 31 | /** 32 | * @inheritdoc 33 | */ 34 | public function checkPassword($password, $dbHash, $salt = null) 35 | { 36 | return hash_equals($dbHash, crypt(crypt($password, $dbHash), $dbHash)); 37 | } 38 | 39 | /** 40 | * @inheritdoc 41 | */ 42 | public function getPasswordHash($password, $salt = null) 43 | { 44 | $salt = $this->getSalt(); 45 | return crypt(crypt($password, $salt), $salt); 46 | } 47 | 48 | /** 49 | * @inheritdoc 50 | */ 51 | protected function getSalt() 52 | { 53 | return "$2a$08$" . Utils::randomString(22, self::SALT_ALPHABET) . "$"; 54 | } 55 | 56 | /** 57 | * @inheritdoc 58 | */ 59 | protected function getAlgorithmName() 60 | { 61 | return "WoltLab Community Framework 2.x"; 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /lib/Platform/MySQLPlatform.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Platform; 23 | 24 | use OC\DB\Connection; 25 | 26 | /** 27 | * MySQL database platform. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class MySQLPlatform extends AbstractPlatform 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param Connection $connection The database connection. 37 | */ 38 | public function __construct(Connection $connection) 39 | { 40 | parent::__construct($connection); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | protected function getViewName($row, $schema) 47 | { 48 | return $row["TABLE_NAME"]; 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | protected function getTableName($row, $schema) 55 | { 56 | return $row["Tables_in_" . $this->connection->getDatabase()]; 57 | } 58 | 59 | /** 60 | * @inheritdoc 61 | */ 62 | protected function getColumnName($row) 63 | { 64 | return $row["Field"]; 65 | } 66 | } 67 | -------------------------------------------------------------------------------- /tests/Crypto/MD5Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\MD5; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class MD5. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class MD5Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "5f4dcc3b5aa765d61d8327deb882cf99" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new MD5($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /lib/Crypto/SSHA256.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * SSHA256 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class SSHA256 extends SSHA 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPrefix() 47 | { 48 | return "{SSHA256}"; 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | public function getAlgorithm() 55 | { 56 | return "sha256"; 57 | } 58 | 59 | /** 60 | * @inheritdoc 61 | */ 62 | public function getHashLength() 63 | { 64 | return 32; 65 | } 66 | 67 | /** 68 | * @inheritdoc 69 | */ 70 | protected function getAlgorithmName() 71 | { 72 | return "SSHA256"; 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /lib/Crypto/SSHA512.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * SSHA512 hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class SSHA512 extends SSHA 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPrefix() 47 | { 48 | return "{SSHA512}"; 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | public function getAlgorithm() 55 | { 56 | return "sha512"; 57 | } 58 | 59 | /** 60 | * @inheritdoc 61 | */ 62 | public function getHashLength() 63 | { 64 | return 64; 65 | } 66 | 67 | /** 68 | * @inheritdoc 69 | */ 70 | protected function getAlgorithmName() 71 | { 72 | return "SSHA512"; 73 | } 74 | } 75 | -------------------------------------------------------------------------------- /tests/Crypto/CryptExtendedDESTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptExtendedDES; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptExtendedDES. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptExtendedDESTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword("password", "cDRpdxPmHpzS.") 45 | ); 46 | } 47 | 48 | public function testPasswordHash() 49 | { 50 | $hash = $this->crypto->getPasswordHash("password"); 51 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 52 | } 53 | 54 | protected function setUp(): void 55 | { 56 | parent::setUp(); 57 | $this->crypto = new CryptExtendedDES($this->createMock(IL10N::class)); 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /tests/Crypto/CryptStandardDESTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptStandardDES; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptStandardDES. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptStandardDESTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword("password", "yTBnb7ab/N072") 45 | ); 46 | } 47 | 48 | public function testPasswordHash() 49 | { 50 | $hash = $this->crypto->getPasswordHash("password"); 51 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 52 | } 53 | 54 | protected function setUp(): void 55 | { 56 | parent::setUp(); 57 | $this->crypto = new CryptStandardDES($this->createMock(IL10N::class)); 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /lib/Crypto/Drupal7.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * Drupal 7 overrides of phpass hash implementation. 26 | * 27 | * @author BrandonKerr 28 | * @author Marcin Łojewski 29 | */ 30 | class Drupal7 extends Phpass 31 | { 32 | /** 33 | * The expected (and maximum) number of characters in a hashed password. 34 | */ 35 | const DRUPAL_HASH_LENGTH = 55; 36 | 37 | /** 38 | * @inheritdoc 39 | */ 40 | public function configuration() 41 | { 42 | return []; 43 | } 44 | 45 | /** 46 | * @inheritdoc 47 | */ 48 | protected function crypt($password, $setting) 49 | { 50 | return substr(parent::crypt($password, $setting), 0, self::DRUPAL_HASH_LENGTH); 51 | } 52 | 53 | /** 54 | * @inheritdoc 55 | */ 56 | protected function hash($input) 57 | { 58 | return hash('sha512', $input, true); 59 | } 60 | 61 | /** 62 | * @inheritdoc 63 | */ 64 | protected function getAlgorithmName() 65 | { 66 | return "Drupal 7"; 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /tests/Crypto/SHA1Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\SHA1; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class SHA1. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class SHA1Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new SHA1($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/PhpassTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Phpass; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class Phpass. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class PhpassTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "\$P\$BxrwraqNTi4as0EI.IpiA/K.muk9ke/" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new Phpass($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /lib/Crypto/AbstractCrypt.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * Abstract Unix Crypt hash implementation. 26 | * The hash algorithm depends on the chosen salt. 27 | * 28 | * @see crypt() 29 | * @author Marcin Łojewski 30 | */ 31 | abstract class AbstractCrypt extends AbstractAlgorithm 32 | { 33 | /** 34 | * The chars used in the salt. 35 | */ 36 | const SALT_ALPHABET = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; 37 | 38 | /** 39 | * @inheritdoc 40 | */ 41 | public function checkPassword($password, $dbHash, $salt = null) 42 | { 43 | return hash_equals($dbHash, crypt($password, $dbHash)); 44 | } 45 | 46 | /** 47 | * @inheritdoc 48 | */ 49 | public function getPasswordHash($password, $salt = null) 50 | { 51 | return crypt($password, $this->getSalt()); 52 | } 53 | 54 | /** 55 | * Generate a salt string for the hash algorithm. 56 | * 57 | * @return string The salt string. 58 | */ 59 | protected abstract function getSalt(); 60 | } 61 | -------------------------------------------------------------------------------- /tests/Crypto/CourierMD5Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CourierMD5; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CourierMD5. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CourierMD5Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "{MD5}X03MO1qnZdYdgyfeuILPmQ==" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new CourierMD5($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/CryptMD5Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptMD5; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptMD5. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptMD5Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "$1\$RzaFbNcU\$u9adfTY/Q6za6nu0Ogrl1/" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new CryptMD5($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/CourierSHA1Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CourierSHA1; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CourierSHA1. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CourierSHA1Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new CourierSHA1($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/Drupal7Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Drupal7; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class Drupal7. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class Drupal7Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "\$S\$DC7eCpJQ3SUQtW4Bp.vKb2rpeaffi4iqk9OpYwJyEoSMsezn67Sl" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new Drupal7($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/SHA256Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 25 | use OCA\UserSQL\Crypto\SHA256; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class SHA256. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class SHA256Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new SHA256($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/RedmineTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 25 | use OCA\UserSQL\Crypto\Redmine; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class Redmine. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class RedmineTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "48b75edeffd8e413341d7734f0f3391e7a5da994", "salt" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password", "salt"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash, "salt")); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new Redmine($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/WCF2Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 25 | use OCA\UserSQL\Crypto\WCF2; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class WCF2. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class WCF2Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "$2a$08\$XEQDKNU/Vbootwxv5Gp7gujxFX/RUFsZLvQPYM435Dd3/p17fto02" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new WCF2($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /lib/Model/User.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Model; 23 | 24 | /** 25 | * The user entity. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | class User 30 | { 31 | /** 32 | * @var mixed The UID. 33 | */ 34 | public $uid; 35 | /** 36 | * @var string The user's username (login name). 37 | */ 38 | public $username; 39 | /** 40 | * @var string The user's email address. 41 | */ 42 | public $email; 43 | /** 44 | * @var string The user quota. 45 | */ 46 | public $quota; 47 | /** 48 | * @var string The user's display name. 49 | */ 50 | public $name; 51 | /** 52 | * @var string The user's password (hash). 53 | */ 54 | public $password; 55 | /** 56 | * @var string The user's home location. 57 | */ 58 | public $home; 59 | /** 60 | * @var bool Is user account active. 61 | */ 62 | public $active; 63 | /** 64 | * @var bool Can user change its avatar. 65 | */ 66 | public $avatar; 67 | /** 68 | * @var string The password's salt. 69 | */ 70 | public $salt; 71 | } 72 | -------------------------------------------------------------------------------- /tests/Crypto/CourierMD5RawTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CourierMD5Raw; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CourierMD5Raw. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CourierMD5RawTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", "{MD5RAW}5f4dcc3b5aa765d61d8327deb882cf99" 46 | ) 47 | ); 48 | } 49 | 50 | public function testPasswordHash() 51 | { 52 | $hash = $this->crypto->getPasswordHash("password"); 53 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 54 | } 55 | 56 | protected function setUp(): void 57 | { 58 | parent::setUp(); 59 | $this->crypto = new CourierMD5Raw($this->createMock(IL10N::class)); 60 | } 61 | } 62 | -------------------------------------------------------------------------------- /tests/Crypto/CryptTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Crypt; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class Crypt. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "$2y$10$5rsN1fmoSkaRy9bqhozAXOr0mn0QiVIfd2L04Bbk1Go9MjdvotwBq" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new Crypt($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/JoomlaTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 25 | use OCA\UserSQL\Crypto\Joomla; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class Joomla. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class JoomlaTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "14d21b49b0f13e2acba962b6b0039edd:haJK0yTvBXTNMh76xwEw5RYEVpJsN8us" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new Joomla($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/CourierSHA256Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CourierSHA256; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CourierSHA256. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CourierSHA256Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "{SHA256}XohImNooBHFR0OVvjcYpJ3NgPQ1qq73WKhHvch0VQtg=" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new CourierSHA256($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/CryptBlowfishTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptBlowfish; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptBlowfish. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptBlowfishTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "$2y$10$5rsN1fmoSkaRy9bqhozAXOr0mn0QiVIfd2L04Bbk1Go9MjdvotwBq" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new CryptBlowfish($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /lib/Platform/PostgreSQLPlatform.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Platform; 23 | 24 | use OC\DB\Connection; 25 | 26 | /** 27 | * PostgreSQL database platform. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class PostgreSQLPlatform extends AbstractPlatform 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param Connection $connection The database connection. 37 | */ 38 | public function __construct(Connection $connection) 39 | { 40 | parent::__construct($connection); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | protected function getViewName($row, $schema) 47 | { 48 | $schema ? ($row["schemaname"] . "." . $row["viewname"]) 49 | : $row["viewname"]; 50 | } 51 | 52 | /** 53 | * @inheritdoc 54 | */ 55 | protected function getTableName($row, $schema) 56 | { 57 | $schema ? ($row["schema_name"] . "." . $row["table_name"]) 58 | : $row["table_name"]; 59 | } 60 | 61 | /** 62 | * @inheritdoc 63 | */ 64 | protected function getColumnName($row) 65 | { 66 | return $row["field"]; 67 | } 68 | } 69 | -------------------------------------------------------------------------------- /tests/Crypto/CryptSHA256Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptSHA256; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptSHA256. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptSHA256Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "$5\$rounds=5000\$VIYD0iHkg7uY9SRc\$v2XLS/9dvfFN84mzGvW9wxnVt9Xd/urXaaTkpW8EwD1" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new CryptSHA256($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/SSHA256Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\SSHA256; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class SSHA256. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class SSHA256Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "{SSHA256}+WxTB3JxprNteeovsuSYtgI+UkVPA9lfwGoYkz3Ff7hjd1FSdmlTMkNsSExyR21KM3NvNTZ5V0p4WXJMUjFzUg==" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new SSHA256($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /lib/Constant/Opt.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Constant; 23 | 24 | /** 25 | * The option properties names. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | final class Opt 30 | { 31 | const APPEND_SALT = "opt.append_salt"; 32 | const CASE_INSENSITIVE_USERNAME = "opt.case_insensitive_username"; 33 | const CRYPTO_CLASS = "opt.crypto_class"; 34 | const CRYPTO_PARAM_0 = "opt.crypto_param_0"; 35 | const CRYPTO_PARAM_1 = "opt.crypto_param_1"; 36 | const CRYPTO_PARAM_2 = "opt.crypto_param_2"; 37 | const DEFAULT_GROUP = "opt.default_group"; 38 | const EMAIL_LOGIN = "opt.email_login"; 39 | const EMAIL_SYNC = "opt.email_sync"; 40 | const HOME_LOCATION = "opt.home_location"; 41 | const HOME_MODE = "opt.home_mode"; 42 | const NAME_CHANGE = "opt.name_change"; 43 | const NAME_SYNC = "opt.name_sync"; 44 | const PASSWORD_CHANGE = "opt.password_change"; 45 | const PREPEND_SALT = "opt.prepend_salt"; 46 | const PROVIDE_AVATAR = "opt.provide_avatar"; 47 | const QUOTA_SYNC = "opt.quota_sync"; 48 | const REVERSE_ACTIVE = "opt.reverse_active"; 49 | const SAFE_STORE = "opt.safe_store"; 50 | const USE_CACHE = "opt.use_cache"; 51 | } 52 | -------------------------------------------------------------------------------- /tests/Crypto/CryptArgon2Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptArgon2; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptArgon2. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptArgon2Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "\$argon2i\$v=19\$m=1024,t=2,p=2\$NnpSNlRNLlZobnJHUDh0Sw\$oW5E1cfdPzLWfkTvQFUyzTR00R0aLwEdYwldcqW6Pmo" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new CryptArgon2($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/SHA512Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 25 | use OCA\UserSQL\Crypto\SHA512; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class SHA512. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class SHA512Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "b109f3bbbc244eb82441917ed06d618b9008dd09b3befd1b5e07394c706a8bb980b1d7785e5976ec049b46df5f1326af5a2ea6d103fd07c95385ffab0cacbc86" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new SHA512($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/CryptArgon2idTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptArgon2id; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptArgon2id. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptArgon2idTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "\$argon2id\$v=19\$m=65536,t=4,p=1\$eWhTd3huemlhNGFkWTVSSQ\$BjSh9PINc9df9WU1zppBsYJKvkwUEYHYNUUMTj+QGPw" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new CryptArgon2id($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/SSHA512Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\SSHA512; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class SSHA512. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class SSHA512Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "{SSHA512}It+v1kAEUBbhMJYJ2swAtz+RLE6ispv/FB6G/ALhK/YWwEmrloY+0jzrWIfmu+rWUXp8u0Tg4jLXypC5oXAW00IyYnRVdEZJbE9wak96bkNRVWFCYmlJNWxrdTA0QmhL" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new SSHA512($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/CryptSHA512Test.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\CryptSHA512; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class CryptSHA512. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class CryptSHA512Test extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "$6\$rounds=5000\$yH.Q0OL4qbCOUJ3q\$Xry5EVFva3wKnfo8/ktrugmBd8tcl34NK6rXInv1HhmdSUNLEm0La9JnA57rqwQ.9/Bz513MD4tvmmISLUIHs/" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new CryptSHA512($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/WhirlpoolTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 25 | use OCA\UserSQL\Crypto\Whirlpool; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class SHA512Whirlpool. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class WhirlpoolTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "74dfc2b27acfa364da55f93a5caee29ccad3557247eda238831b3e9bd931b01d77fe994e4f12b9d4cfa92a124461d2065197d8cf7f33fc88566da2db2a4d6eae" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new Whirlpool($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /tests/Crypto/SHA512WhirlpoolTest.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace Tests\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\SHA512Whirlpool; 25 | use OCA\UserSQL\Crypto\IPasswordAlgorithm; 26 | use OCP\IL10N; 27 | use Test\TestCase; 28 | 29 | /** 30 | * Unit tests for class SHA512Whirlpool. 31 | * 32 | * @author Marcin Łojewski 33 | */ 34 | class SHA512WhirlpoolTest extends TestCase 35 | { 36 | /** 37 | * @var IPasswordAlgorithm 38 | */ 39 | private $crypto; 40 | 41 | public function testCheckPassword() 42 | { 43 | $this->assertTrue( 44 | $this->crypto->checkPassword( 45 | "password", 46 | "a96b16ebb691dbe968b0d66d0d924cff5cf5de5e0885181d00761d87f295b2bf3d3c66187c050fc01c196ff3acaa48d3561ffd170413346e934a32280d632f2e" 47 | ) 48 | ); 49 | } 50 | 51 | public function testPasswordHash() 52 | { 53 | $hash = $this->crypto->getPasswordHash("password"); 54 | $this->assertTrue($this->crypto->checkPassword("password", $hash)); 55 | } 56 | 57 | protected function setUp(): void 58 | { 59 | parent::setUp(); 60 | $this->crypto = new SHA512Whirlpool($this->createMock(IL10N::class)); 61 | } 62 | } 63 | -------------------------------------------------------------------------------- /lib/Crypto/Utils.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * Cryptographic utilities. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | final class Utils 30 | { 31 | /** 32 | * Convert hexadecimal message to its base64 form. 33 | * 34 | * @param $hex string The hexadecimal encoded message. 35 | * 36 | * @return string The same message encoded in base64. 37 | */ 38 | public static function hexToBase64($hex) 39 | { 40 | $hexChr = ""; 41 | foreach (str_split($hex, 2) as $hexPair) { 42 | $hexChr .= chr(hexdec($hexPair)); 43 | } 44 | return base64_encode($hexChr); 45 | } 46 | 47 | /** 48 | * Generate random string from given alphabet. 49 | * 50 | * @param $length int The output string length. 51 | * @param $alphabet string The output string alphabet. 52 | * 53 | * @return string Random string from given alphabet. 54 | */ 55 | public static function randomString($length, $alphabet) 56 | { 57 | $string = ""; 58 | for ($idx = 0; $idx != $length; ++$idx) { 59 | $string .= $alphabet[random_int(0, strlen($alphabet) - 1)]; 60 | } 61 | return $string; 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /lib/AppInfo/Application.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\AppInfo; 23 | 24 | use OCP\AppFramework\App; 25 | use OCP\AppFramework\QueryException; 26 | 27 | /** 28 | * The application bootstrap class. 29 | * 30 | * @author Marcin Łojewski 31 | */ 32 | class Application extends App 33 | { 34 | /** 35 | * The class constructor. 36 | * 37 | * @param array $urlParams An array with variables extracted 38 | * from the routes. 39 | */ 40 | public function __construct(array $urlParams = array()) 41 | { 42 | parent::__construct("user_sql", $urlParams); 43 | } 44 | 45 | /** 46 | * Register the application backends 47 | * if all necessary configuration is provided. 48 | * 49 | * @throws QueryException If the query container's could not be resolved 50 | */ 51 | public function registerBackends() 52 | { 53 | $userBackend = $this->getContainer()->query( 54 | '\OCA\UserSQL\Backend\UserBackend' 55 | ); 56 | $groupBackend = $this->getContainer()->query( 57 | '\OCA\UserSQL\Backend\GroupBackend' 58 | ); 59 | 60 | if ($userBackend->isConfigured()) { 61 | \OC::$server->getUserManager()->registerBackend($userBackend); 62 | } 63 | if ($groupBackend->isConfigured()) { 64 | \OC::$server->getGroupManager()->addBackend($groupBackend); 65 | } 66 | } 67 | } 68 | -------------------------------------------------------------------------------- /lib/Crypto/CryptSHA256.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\IntParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * SHA256 Crypt hash implementation. 29 | * 30 | * @see crypt() 31 | * @author Marcin Łojewski 32 | */ 33 | class CryptSHA256 extends AbstractCrypt 34 | { 35 | /** 36 | * @var int The number of rounds. 37 | */ 38 | private $rounds; 39 | 40 | /** 41 | * The class constructor. 42 | * 43 | * @param IL10N $localization The localization service. 44 | * @param int $rounds The number of rounds. 45 | * This value must be between 1000 and 999999999. 46 | */ 47 | public function __construct(IL10N $localization, $rounds = 5000) 48 | { 49 | parent::__construct($localization); 50 | $this->rounds = $rounds; 51 | } 52 | 53 | /** 54 | * @inheritdoc 55 | */ 56 | public function configuration() 57 | { 58 | return [new IntParam("Rounds", 5000, 1000, 999999999)]; 59 | } 60 | 61 | /** 62 | * @inheritdoc 63 | */ 64 | protected function getSalt() 65 | { 66 | return "$5\$rounds=" . $this->rounds . "$" . Utils::randomString( 67 | 16, self::SALT_ALPHABET 68 | ) . "$"; 69 | } 70 | 71 | /** 72 | * @inheritdoc 73 | */ 74 | protected function getAlgorithmName() 75 | { 76 | return "SHA256 (Crypt)"; 77 | } 78 | } 79 | -------------------------------------------------------------------------------- /lib/Crypto/CryptSHA512.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\IntParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * SHA512 Crypt hash implementation. 29 | * 30 | * @see crypt() 31 | * @author Marcin Łojewski 32 | */ 33 | class CryptSHA512 extends AbstractCrypt 34 | { 35 | /** 36 | * @var int The number of rounds. 37 | */ 38 | private $rounds; 39 | 40 | /** 41 | * The class constructor. 42 | * 43 | * @param IL10N $localization The localization service. 44 | * @param int $rounds The number of rounds. 45 | * This value must be between 1000 and 999999999. 46 | */ 47 | public function __construct(IL10N $localization, $rounds = 5000) 48 | { 49 | parent::__construct($localization); 50 | $this->rounds = $rounds; 51 | } 52 | 53 | /** 54 | * @inheritdoc 55 | */ 56 | public function configuration() 57 | { 58 | return [new IntParam("Rounds", 5000, 1000, 999999999)]; 59 | } 60 | 61 | /** 62 | * @inheritdoc 63 | */ 64 | protected function getSalt() 65 | { 66 | return "$6\$rounds=" . $this->rounds . "$" . Utils::randomString( 67 | 16, self::SALT_ALPHABET 68 | ) . "$"; 69 | } 70 | 71 | /** 72 | * @inheritdoc 73 | */ 74 | protected function getAlgorithmName() 75 | { 76 | return "SHA512 (Crypt)"; 77 | } 78 | } 79 | -------------------------------------------------------------------------------- /lib/Constant/Query.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Constant; 23 | 24 | /** 25 | * The database query constants. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | final class Query 30 | { 31 | const BELONGS_TO_ADMIN = "belongs_to_admin"; 32 | const COUNT_GROUPS = "count_groups"; 33 | const COUNT_USERS = "count_users"; 34 | const FIND_GROUP = "find_group"; 35 | const FIND_GROUP_UIDS = "find_group_uids"; 36 | const FIND_GROUP_USERS = "find_group_users"; 37 | const FIND_GROUPS = "find_groups"; 38 | const FIND_USER_BY_UID = "find_user_by_uid"; 39 | const FIND_USER_BY_USERNAME = "find_user_by_username"; 40 | const FIND_USER_BY_USERNAME_CASE_INSENSITIVE = "find_user_by_username_case_insensitive"; 41 | const FIND_USER_BY_USERNAME_OR_EMAIL = "find_user_by_username_or_email"; 42 | const FIND_USER_BY_USERNAME_OR_EMAIL_CASE_INSENSITIVE = "find_user_by_username_or_email_case_insensitive"; 43 | const FIND_USER_GROUPS = "find_user_groups"; 44 | const FIND_USERS = "find_users"; 45 | const UPDATE_DISPLAY_NAME = "update_display_name"; 46 | const UPDATE_EMAIL = "update_email"; 47 | const UPDATE_PASSWORD = "update_password"; 48 | const UPDATE_QUOTA = "update_quota"; 49 | 50 | const EMAIL_PARAM = "email"; 51 | const GID_PARAM = "gid"; 52 | const NAME_PARAM = "name"; 53 | const PASSWORD_PARAM = "password"; 54 | const QUOTA_PARAM = "quota"; 55 | const SEARCH_PARAM = "search"; 56 | const UID_PARAM = "uid"; 57 | const USERNAME_PARAM = "username"; 58 | } 59 | -------------------------------------------------------------------------------- /lib/Crypto/HashHmac.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\ChoiceParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * HMAC hash implementation. 29 | * 30 | * @see hash_hmac() 31 | * @author Marcin Łojewski 32 | */ 33 | class HashHmac extends AbstractAlgorithm 34 | { 35 | const DEFAULT_ALGORITHM = "ripemd160"; 36 | 37 | /** 38 | * @var string Hashing algorithm name. 39 | */ 40 | private $hashingAlgorithm; 41 | 42 | /** 43 | * The class constructor. 44 | * 45 | * @param IL10N $localization The localization service. 46 | * @param string $hashingAlgorithm Hashing algorithm name. 47 | */ 48 | public function __construct(IL10N $localization, $hashingAlgorithm = self::DEFAULT_ALGORITHM) 49 | { 50 | parent::__construct($localization); 51 | $this->hashingAlgorithm = $hashingAlgorithm; 52 | } 53 | 54 | /** 55 | * @inheritdoc 56 | */ 57 | public function getPasswordHash($password, $salt = null) 58 | { 59 | return hash_hmac($this->hashingAlgorithm, $password, $salt); 60 | } 61 | 62 | /** 63 | * @inheritdoc 64 | */ 65 | public function configuration() 66 | { 67 | return [ 68 | new ChoiceParam("Hashing algorithm", self::DEFAULT_ALGORITHM, hash_hmac_algos()) 69 | ]; 70 | } 71 | 72 | /** 73 | * @inheritdoc 74 | */ 75 | protected function getAlgorithmName() 76 | { 77 | return "Hash HMAC"; 78 | } 79 | } 80 | -------------------------------------------------------------------------------- /lib/Crypto/Joomla.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * Joomla hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | class Joomla extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function getPasswordHash($password, $salt = null) 47 | { 48 | $salt = Utils::randomString( 49 | 32, "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" 50 | ); 51 | 52 | return md5($password . $salt) . ":" . $salt; 53 | } 54 | 55 | /** 56 | * @inheritdoc 57 | */ 58 | public function checkPassword($password, $dbHash, $salt = null) 59 | { 60 | return hash_equals($dbHash, self::generateHash($password, $dbHash)); 61 | } 62 | 63 | private static function generateHash($password, $dbHash) 64 | { 65 | $split_salt = preg_split("/:/", $dbHash); 66 | $salt = false; 67 | if (isset($split_salt[1])) { 68 | $salt = $split_salt[1]; 69 | } 70 | $pwHash = ($salt) ? md5($password . $salt) : md5($password); 71 | $pwHash .= ":" . $salt; 72 | return $pwHash; 73 | } 74 | 75 | /** 76 | * @inheritdoc 77 | */ 78 | protected function getAlgorithmName() 79 | { 80 | return "Joomla MD5 Encryption"; 81 | } 82 | } 83 | -------------------------------------------------------------------------------- /lib/Crypto/AbstractAlgorithm.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * The abstract password algorithm class. 28 | * Each algorithm should extend this class, as it provides very base 29 | * functionality which seems to be necessary for every implementation. 30 | * 31 | * @author Marcin Łojewski 32 | */ 33 | abstract class AbstractAlgorithm implements IPasswordAlgorithm 34 | { 35 | /** 36 | * @var IL10N The localization service. 37 | */ 38 | private $localization; 39 | 40 | /** 41 | * The class constructor. 42 | * 43 | * @param IL10N $localization The localization service. 44 | */ 45 | public function __construct(IL10N $localization) 46 | { 47 | $this->localization = $localization; 48 | } 49 | 50 | /** 51 | * @inheritdoc 52 | */ 53 | public function getVisibleName() 54 | { 55 | return $this->localization->t($this->getAlgorithmName()); 56 | } 57 | 58 | /** 59 | * Get the algorithm name. 60 | * 61 | * @return string The algorithm name. 62 | */ 63 | protected abstract function getAlgorithmName(); 64 | 65 | /** 66 | * @inheritdoc 67 | */ 68 | public function checkPassword($password, $dbHash, $salt = null) 69 | { 70 | return hash_equals($dbHash, $this->getPasswordHash($password, $salt)); 71 | } 72 | 73 | /** 74 | * @inheritdoc 75 | */ 76 | public abstract function getPasswordHash($password, $salt = null); 77 | 78 | /** 79 | * @inheritdoc 80 | */ 81 | public function configuration() 82 | { 83 | return []; 84 | } 85 | } 86 | -------------------------------------------------------------------------------- /lib/Settings/Admin.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Settings; 23 | 24 | use OCA\UserSQL\Properties; 25 | use OCP\AppFramework\Http\TemplateResponse; 26 | use OCP\Settings\IDelegatedSettings; 27 | 28 | /** 29 | * The administrator's settings page. 30 | * 31 | * @author Marcin Łojewski 32 | */ 33 | class Admin implements IDelegatedSettings 34 | { 35 | /** 36 | * @var string The application name. 37 | */ 38 | private $appName; 39 | /** 40 | * @var Properties The properties array. 41 | */ 42 | private $properties; 43 | 44 | /** 45 | * The class constructor, 46 | * 47 | * @param string $AppName The application name. 48 | * @param Properties $properties The properties array. 49 | */ 50 | public function __construct($AppName, Properties $properties) 51 | { 52 | $this->appName = $AppName; 53 | $this->properties = $properties; 54 | } 55 | 56 | /** 57 | * @inheritdoc 58 | */ 59 | public function getForm() 60 | { 61 | return new TemplateResponse($this->appName, "admin", $this->properties->getArray()); 62 | } 63 | 64 | /** 65 | * @inheritdoc 66 | */ 67 | public function getSection() 68 | { 69 | return $this->appName; 70 | } 71 | 72 | /** 73 | * @inheritdoc 74 | */ 75 | public function getPriority() 76 | { 77 | return 25; 78 | } 79 | 80 | public function getName(): ?string { 81 | return null; // Only one setting in this section 82 | } 83 | 84 | public function getAuthorizedAppConfig(): array { 85 | return []; // Custom controller 86 | } 87 | } 88 | -------------------------------------------------------------------------------- /lib/Constant/DB.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Constant; 23 | 24 | /** 25 | * The database properties. 26 | * 27 | * @author Marcin Łojewski 28 | */ 29 | final class DB 30 | { 31 | const DATABASE = "db.database"; 32 | const DRIVER = "db.driver"; 33 | const HOSTNAME = "db.hostname"; 34 | const PASSWORD = "db.password"; 35 | const SSL_CA = "db.ssl_ca"; 36 | const SSL_CERT = "db.ssl_cert"; 37 | const SSL_KEY = "db.ssl_key"; 38 | const USERNAME = "db.username"; 39 | 40 | const GROUP_TABLE = "db.table.group"; 41 | const USER_GROUP_TABLE = "db.table.user_group"; 42 | const USER_TABLE = "db.table.user"; 43 | 44 | const GROUP_ADMIN_COLUMN = "db.table.group.column.admin"; 45 | const GROUP_GID_COLUMN = "db.table.group.column.gid"; 46 | const GROUP_NAME_COLUMN = "db.table.group.column.name"; 47 | 48 | const USER_GROUP_GID_COLUMN = "db.table.user_group.column.gid"; 49 | const USER_GROUP_UID_COLUMN = "db.table.user_group.column.uid"; 50 | 51 | const USER_ACTIVE_COLUMN = "db.table.user.column.active"; 52 | const USER_AVATAR_COLUMN = "db.table.user.column.avatar"; 53 | const USER_DISABLED_COLUMN = "db.table.user.column.disabled"; 54 | const USER_EMAIL_COLUMN = "db.table.user.column.email"; 55 | const USER_HOME_COLUMN = "db.table.user.column.home"; 56 | const USER_NAME_COLUMN = "db.table.user.column.name"; 57 | const USER_PASSWORD_COLUMN = "db.table.user.column.password"; 58 | const USER_QUOTA_COLUMN = "db.table.user.column.quota"; 59 | const USER_SALT_COLUMN = "db.table.user.column.salt"; 60 | const USER_UID_COLUMN = "db.table.user.column.uid"; 61 | const USER_USERNAME_COLUMN = "db.table.user.column.username"; 62 | } 63 | -------------------------------------------------------------------------------- /lib/Crypto/IPasswordAlgorithm.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | /** 25 | * Interface which defines all function required by a hash algorithm. 26 | * Please note that this interface must be implemented by every hash function supported in this app. 27 | * 28 | * @author Marcin Łojewski 29 | */ 30 | interface IPasswordAlgorithm 31 | { 32 | /** 33 | * Get the hash algorithm name. 34 | * This name is visible in the admin panel. 35 | * 36 | * @return string 37 | */ 38 | public function getVisibleName(); 39 | 40 | /** 41 | * Hash given password. 42 | * This value is stored in the database, when the password is changed. 43 | * 44 | * @param String $password The new password. 45 | * @param String $salt Optional. Salt value. 46 | * 47 | * @return boolean True if the password was hashed successfully, false otherwise. 48 | */ 49 | public function getPasswordHash($password, $salt = null); 50 | 51 | /** 52 | * Check password given by the user against hash stored in the database. 53 | * 54 | * @param String $password Password given by the user. 55 | * @param String $dbHash Password hash stored in the database. 56 | * @param String $salt Optional. Salt value. 57 | * 58 | * @return boolean True if the password is correct, false otherwise. 59 | */ 60 | public function checkPassword($password, $dbHash, $salt = null); 61 | 62 | /** 63 | * Configuration for the algorithm. 64 | * The return array should contain entries of class CryptoParam 65 | * 66 | * @return array The configuration array. 67 | */ 68 | public function configuration(); 69 | } 70 | -------------------------------------------------------------------------------- /lib/Crypto/CryptBlowfish.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\IntParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * Blowfish Crypt hash implementation. 29 | * 30 | * @see crypt() 31 | * @author Marcin Łojewski 32 | */ 33 | class CryptBlowfish extends AbstractAlgorithm 34 | { 35 | /** 36 | * @var int Denotes the algorithmic cost that should be used. 37 | */ 38 | private $cost; 39 | 40 | /** 41 | * The class constructor. 42 | * 43 | * @param IL10N $localization The localization service. 44 | * @param int $cost Denotes the algorithmic cost that should 45 | * be used. 46 | */ 47 | public function __construct(IL10N $localization, $cost = 10) 48 | { 49 | parent::__construct($localization); 50 | $this->cost = $cost; 51 | } 52 | 53 | /** 54 | * @inheritdoc 55 | */ 56 | public function checkPassword($password, $dbHash, $salt = null) 57 | { 58 | return password_verify($password, $dbHash); 59 | } 60 | 61 | /** 62 | * @inheritdoc 63 | */ 64 | public function getPasswordHash($password, $salt = null) 65 | { 66 | return password_hash( 67 | $password, PASSWORD_BCRYPT, ["cost" => $this->cost] 68 | ); 69 | } 70 | 71 | /** 72 | * @inheritdoc 73 | */ 74 | public function configuration() 75 | { 76 | return [new IntParam("Cost", 10, 4, 31)]; 77 | } 78 | 79 | /** 80 | * Get the algorithm name. 81 | * 82 | * @return string The algorithm name. 83 | */ 84 | protected function getAlgorithmName() 85 | { 86 | return "Blowfish (Crypt)"; 87 | } 88 | } 89 | -------------------------------------------------------------------------------- /lib/Settings/Section.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Settings; 23 | 24 | use OCP\IL10N; 25 | use OCP\IURLGenerator; 26 | use OCP\Settings\IIconSection; 27 | 28 | /** 29 | * The section item. 30 | * 31 | * @author Marcin Łojewski 32 | */ 33 | class Section implements IIconSection 34 | { 35 | /** 36 | * @var string The application name. 37 | */ 38 | private $appName; 39 | /** 40 | * @var IURLGenerator The URL generator. 41 | */ 42 | private $urlGenerator; 43 | /** 44 | * @var IL10N The localization service. 45 | */ 46 | private $localization; 47 | 48 | /** 49 | * The class constructor. 50 | * 51 | * @param string $AppName The application name. 52 | * @param IURLGenerator $urlGenerator The URL generator. 53 | * @param IL10N $localization The localization service. 54 | */ 55 | public function __construct( 56 | $AppName, IURLGenerator $urlGenerator, IL10N $localization 57 | ) { 58 | $this->appName = $AppName; 59 | $this->urlGenerator = $urlGenerator; 60 | $this->localization = $localization; 61 | } 62 | 63 | /** 64 | * @inheritdoc 65 | */ 66 | public function getID() 67 | { 68 | return $this->appName; 69 | } 70 | 71 | /** 72 | * @inheritdoc 73 | */ 74 | public function getName() 75 | { 76 | return $this->localization->t("SQL Backends"); 77 | } 78 | 79 | /** 80 | * @inheritdoc 81 | */ 82 | public function getPriority() 83 | { 84 | return 25; 85 | } 86 | 87 | /** 88 | * @inheritdoc 89 | */ 90 | public function getIcon() 91 | { 92 | return $this->urlGenerator->imagePath($this->appName, "app-dark.svg"); 93 | } 94 | } 95 | -------------------------------------------------------------------------------- /appinfo/routes.php: -------------------------------------------------------------------------------- 1 | 6 | * @copyright 2018 Marcin Łojewski 7 | * @author Marcin Łojewski 8 | * 9 | * This program is free software: you can redistribute it and/or modify 10 | * it under the terms of the GNU Affero General Public License as 11 | * published by the Free Software Foundation, either version 3 of the 12 | * License, or (at your option) any later version. 13 | * 14 | * This program is distributed in the hope that it will be useful, 15 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 | * GNU Affero General Public License for more details. 18 | * 19 | * You should have received a copy of the GNU Affero General Public License 20 | * along with this program. If not, see . 21 | */ 22 | 23 | use OCA\UserSQL\AppInfo\Application; 24 | 25 | $application = new Application(); 26 | $application->registerRoutes( 27 | $this, [ 28 | "routes" => [ 29 | [ 30 | "name" => "settings#verifyDbConnection", 31 | "url" => "/settings/db/verify", 32 | "verb" => "POST" 33 | ], 34 | [ 35 | "name" => "settings#saveProperties", 36 | "url" => "/settings/properties", 37 | "verb" => "POST" 38 | ], 39 | [ 40 | "name" => "settings#clearCache", 41 | "url" => "/settings/cache/clear", 42 | "verb" => "POST" 43 | ], 44 | [ 45 | "name" => "settings#tableAutocomplete", 46 | "url" => "/settings/autocomplete/table", 47 | "verb" => "POST" 48 | ], 49 | [ 50 | "name" => "settings#userTableAutocomplete", 51 | "url" => "/settings/autocomplete/table/user", 52 | "verb" => "POST" 53 | ], 54 | [ 55 | "name" => "settings#userGroupTableAutocomplete", 56 | "url" => "/settings/autocomplete/table/user_group", 57 | "verb" => "POST" 58 | ], 59 | [ 60 | "name" => "settings#groupTableAutocomplete", 61 | "url" => "/settings/autocomplete/table/group", 62 | "verb" => "POST" 63 | ], 64 | [ 65 | "name" => "settings#cryptoParams", 66 | "url" => "/settings/crypto/params", 67 | "verb" => "GET" 68 | ], 69 | ] 70 | ] 71 | ); 72 | -------------------------------------------------------------------------------- /lib/Crypto/CryptExtendedDES.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\IntParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * Extended DES Crypt hash implementation. 29 | * 30 | * @see crypt() 31 | * @author Marcin Łojewski 32 | */ 33 | class CryptExtendedDES extends AbstractCrypt 34 | { 35 | /** 36 | * @var int The number of iterations. 37 | */ 38 | private $iterationCount; 39 | 40 | /** 41 | * The class constructor. 42 | * 43 | * @param IL10N $localization The localization service. 44 | * @param int $iterationCount The number of iterations. 45 | */ 46 | public function __construct(IL10N $localization, $iterationCount = 1000) 47 | { 48 | parent::__construct($localization); 49 | $this->iterationCount = $iterationCount; 50 | } 51 | 52 | /** 53 | * @inheritdoc 54 | */ 55 | public function configuration() 56 | { 57 | return [new IntParam("Iterations", 1000, 0, 16777215)]; 58 | } 59 | 60 | /** 61 | * @inheritdoc 62 | */ 63 | protected function getSalt() 64 | { 65 | return self::encodeIterationCount($this->iterationCount) 66 | . Utils::randomString(4, self::SALT_ALPHABET); 67 | } 68 | 69 | /** 70 | * Get the number of iterations as describe below. 71 | * The 4 bytes of iteration count are encoded as printable characters, 72 | * 6 bits per character, least significant character first. 73 | * The values 0 to 63 are encoded as "./0-9A-Za-z". 74 | * 75 | * @param int $number The number of iterations. 76 | * 77 | * @return string 78 | */ 79 | private static function encodeIterationCount($number) 80 | { 81 | $alphabet = str_split(self::SALT_ALPHABET); 82 | $chars = array(); 83 | $base = sizeof($alphabet); 84 | 85 | while ($number) { 86 | $rem = $number % $base; 87 | $number = (int)($number / $base); 88 | $chars[] = $alphabet[$rem]; 89 | } 90 | 91 | return str_pad(implode($chars), 4, ".", STR_PAD_RIGHT); 92 | } 93 | 94 | /** 95 | * @inheritdoc 96 | */ 97 | protected function getAlgorithmName() 98 | { 99 | return "Extended DES (Crypt)"; 100 | } 101 | } 102 | -------------------------------------------------------------------------------- /lib/Crypto/SSHA.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCP\IL10N; 25 | 26 | /** 27 | * SSHA* hash implementation. 28 | * 29 | * @author Marcin Łojewski 30 | */ 31 | abstract class SSHA extends AbstractAlgorithm 32 | { 33 | /** 34 | * The class constructor. 35 | * 36 | * @param IL10N $localization The localization service. 37 | */ 38 | public function __construct(IL10N $localization) 39 | { 40 | parent::__construct($localization); 41 | } 42 | 43 | /** 44 | * @inheritdoc 45 | */ 46 | public function checkPassword($password, $dbHash, $salt = null) 47 | { 48 | $saltedPassword = base64_decode( 49 | preg_replace("/" . $this->getPrefix() . "/i", "", $dbHash) 50 | ); 51 | $salt = substr($saltedPassword, -(strlen($saltedPassword) - $this->getHashLength())); 52 | $hash = self::ssha($password, $salt); 53 | 54 | return hash_equals($dbHash, $hash); 55 | } 56 | 57 | /** 58 | * Get hash prefix eg. {SSHA256}. 59 | * 60 | * @return string The hash prefix. 61 | */ 62 | public abstract function getPrefix(); 63 | 64 | /** 65 | * Encrypt using SSHA* algorithm. 66 | * 67 | * @param string $password The password. 68 | * @param string $salt The salt to use. 69 | * 70 | * @return string The hashed password, prefixed by {SSHA*}. 71 | */ 72 | private function ssha($password, $salt) 73 | { 74 | return $this->getPrefix() . base64_encode( 75 | hash($this->getAlgorithm(), $password . $salt, true) . $salt 76 | ); 77 | } 78 | 79 | /** 80 | * Get algorithm used by the hash() function. 81 | * 82 | * @see hash() 83 | * @return string 84 | */ 85 | public abstract function getAlgorithm(); 86 | 87 | /** 88 | * Get hash length. 89 | * 90 | * @return int The hash length. 91 | */ 92 | public abstract function getHashLength(); 93 | 94 | /** 95 | * @inheritdoc 96 | */ 97 | public function getPasswordHash($password, $salt = null) 98 | { 99 | return self::ssha( 100 | $password, Utils::randomString( 101 | 32, "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" 102 | ) 103 | ); 104 | } 105 | } 106 | -------------------------------------------------------------------------------- /lib/Cache.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL; 23 | 24 | use OC\Memcache\NullCache; 25 | use OCA\UserSQL\Constant\App; 26 | use OCA\UserSQL\Constant\Opt; 27 | use OCP\ICache; 28 | use OCP\IConfig; 29 | use OCP\ILogger; 30 | 31 | /** 32 | * Used to store key-value pairs in the cache memory. 33 | * If there's no distributed cache available NULL cache is used. 34 | * 35 | * @author Marcin Łojewski 36 | */ 37 | class Cache 38 | { 39 | /** 40 | * @var ICache The cache instance. 41 | */ 42 | private $cache; 43 | 44 | /** 45 | * The default constructor. Initiates the cache memory. 46 | * 47 | * @param string $AppName The application name. 48 | * @param IConfig $config The config instance. 49 | * @param ILogger $logger The logger instance. 50 | */ 51 | public function __construct($AppName, IConfig $config, ILogger $logger) 52 | { 53 | $factory = \OC::$server->getMemCacheFactory(); 54 | $useCache = $config->getAppValue( 55 | $AppName, Opt::USE_CACHE, App::FALSE_VALUE 56 | ); 57 | 58 | if ($useCache === App::FALSE_VALUE) { 59 | $this->cache = new NullCache(); 60 | } elseif ($factory->isAvailable()) { 61 | $this->cache = $factory->createDistributed(); 62 | $logger->debug("Distributed cache initiated.", ["app" => $AppName]); 63 | } else { 64 | $logger->warning( 65 | "There's no distributed cache available, fallback to null cache.", 66 | ["app" => $AppName] 67 | ); 68 | $this->cache = new NullCache(); 69 | } 70 | } 71 | 72 | /** 73 | * Fetch a value from the cache memory. 74 | * 75 | * @param string $key The cache value key. 76 | * 77 | * @return mixed|NULL Cached value or NULL if there's no value stored. 78 | */ 79 | public function get($key) 80 | { 81 | return $this->cache->get($key); 82 | } 83 | 84 | /** 85 | * Store a value in the cache memory. 86 | * 87 | * @param string $key The cache value key. 88 | * @param mixed $value The value to store. 89 | * @param int $ttl (optional) TTL in seconds. Defaults to 1 hour. 90 | * 91 | * @return bool TRUE on success, FALSE otherwise. 92 | */ 93 | public function set($key, $value, $ttl = 3600) 94 | { 95 | return $this->cache->set($key, $value, $ttl); 96 | } 97 | 98 | /** 99 | * Clear the cache of all entries. 100 | * 101 | * @return bool TRUE on success, FALSE otherwise. 102 | */ 103 | public function clear() 104 | { 105 | return $this->cache->clear(); 106 | } 107 | } 108 | -------------------------------------------------------------------------------- /lib/Crypto/CryptArgon2.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\IntParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * Argon2 Crypt hash implementation. 29 | * 30 | * @see crypt() 31 | * @author Marcin Łojewski 32 | */ 33 | class CryptArgon2 extends AbstractAlgorithm 34 | { 35 | /** 36 | * @var int Maximum memory (in bytes) that may be used to compute. 37 | */ 38 | private $memoryCost; 39 | /** 40 | * @var int Maximum amount of time it may take to compute. 41 | */ 42 | private $timeCost; 43 | /** 44 | * @var int Number of threads to use for computing. 45 | */ 46 | private $threads; 47 | 48 | /** 49 | * The class constructor. 50 | * 51 | * @param IL10N $localization The localization service. 52 | * @param int $memoryCost Maximum memory (in bytes) that may be used 53 | * to compute. 54 | * @param int $timeCost Maximum amount of time it may take to compute. 55 | * @param int $threads Number of threads to use for computing. 56 | */ 57 | public function __construct( 58 | IL10N $localization, $memoryCost = -1, $timeCost = -1, $threads = -1 59 | ) { 60 | if (version_compare(PHP_VERSION, "7.2.0") === -1) { 61 | throw new \RuntimeException( 62 | "PASSWORD_ARGON2I requires PHP 7.2.0 or above." 63 | ); 64 | } else { 65 | if ($memoryCost === -1) { 66 | $memoryCost = PASSWORD_ARGON2_DEFAULT_MEMORY_COST; 67 | } 68 | if ($timeCost === -1) { 69 | $timeCost = PASSWORD_ARGON2_DEFAULT_TIME_COST; 70 | } 71 | if ($threads === -1) { 72 | $threads = PASSWORD_ARGON2_DEFAULT_THREADS; 73 | } 74 | } 75 | 76 | parent::__construct($localization); 77 | $this->memoryCost = $memoryCost; 78 | $this->timeCost = $timeCost; 79 | $this->threads = $threads; 80 | } 81 | 82 | /** 83 | * @inheritdoc 84 | */ 85 | public function checkPassword($password, $dbHash, $salt = null) 86 | { 87 | return password_verify($password, $dbHash); 88 | } 89 | 90 | /** 91 | * @inheritdoc 92 | */ 93 | public function getPasswordHash($password, $salt = null) 94 | { 95 | return password_hash( 96 | $password, PASSWORD_ARGON2I, [ 97 | "memory_cost" => $this->memoryCost, 98 | "time_cost" => $this->timeCost, 99 | "threads" => $this->threads 100 | ] 101 | ); 102 | } 103 | 104 | /** 105 | * @inheritdoc 106 | */ 107 | public function configuration() 108 | { 109 | return [ 110 | new IntParam( 111 | "Memory cost (KiB)", PASSWORD_ARGON2_DEFAULT_MEMORY_COST, 1, 112 | 1048576 113 | ), 114 | new IntParam( 115 | "Time cost", PASSWORD_ARGON2_DEFAULT_TIME_COST, 1, 1024 116 | ), 117 | new IntParam("Threads", PASSWORD_ARGON2_DEFAULT_THREADS, 1, 1024) 118 | ]; 119 | } 120 | 121 | /** 122 | * @inheritdoc 123 | */ 124 | protected function getAlgorithmName() 125 | { 126 | return "Argon2i (Crypt)"; 127 | } 128 | } 129 | -------------------------------------------------------------------------------- /lib/Crypto/CryptArgon2id.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\IntParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * Argon2id Crypt hash implementation. 29 | * 30 | * @see crypt() 31 | * @author Marcin Łojewski 32 | */ 33 | class CryptArgon2id extends AbstractAlgorithm 34 | { 35 | /** 36 | * @var int Maximum memory (in bytes) that may be used to compute. 37 | */ 38 | private $memoryCost; 39 | /** 40 | * @var int Maximum amount of time it may take to compute. 41 | */ 42 | private $timeCost; 43 | /** 44 | * @var int Number of threads to use for computing. 45 | */ 46 | private $threads; 47 | 48 | /** 49 | * The class constructor. 50 | * 51 | * @param IL10N $localization The localization service. 52 | * @param int $memoryCost Maximum memory (in bytes) that may be used 53 | * to compute. 54 | * @param int $timeCost Maximum amount of time it may take to compute. 55 | * @param int $threads Number of threads to use for computing. 56 | */ 57 | public function __construct( 58 | IL10N $localization, $memoryCost = -1, $timeCost = -1, $threads = -1 59 | ) { 60 | if (version_compare(PHP_VERSION, "7.2.0") === -1) { 61 | throw new \RuntimeException( 62 | " PASSWORD_ARGON2ID requires PHP 7.2.0 or above." 63 | ); 64 | } else { 65 | if ($memoryCost === -1) { 66 | $memoryCost = PASSWORD_ARGON2_DEFAULT_MEMORY_COST; 67 | } 68 | if ($timeCost === -1) { 69 | $timeCost = PASSWORD_ARGON2_DEFAULT_TIME_COST; 70 | } 71 | if ($threads === -1) { 72 | $threads = PASSWORD_ARGON2_DEFAULT_THREADS; 73 | } 74 | } 75 | 76 | parent::__construct($localization); 77 | $this->memoryCost = $memoryCost; 78 | $this->timeCost = $timeCost; 79 | $this->threads = $threads; 80 | } 81 | 82 | /** 83 | * @inheritdoc 84 | */ 85 | public function checkPassword($password, $dbHash, $salt = null) 86 | { 87 | return password_verify($password, $dbHash); 88 | } 89 | 90 | /** 91 | * @inheritdoc 92 | */ 93 | public function getPasswordHash($password, $salt = null) 94 | { 95 | return password_hash( 96 | $password, PASSWORD_ARGON2ID, [ 97 | "memory_cost" => $this->memoryCost, 98 | "time_cost" => $this->timeCost, 99 | "threads" => $this->threads 100 | ] 101 | ); 102 | } 103 | 104 | /** 105 | * @inheritdoc 106 | */ 107 | public function configuration() 108 | { 109 | return [ 110 | new IntParam( 111 | "Memory cost (KiB)", PASSWORD_ARGON2_DEFAULT_MEMORY_COST, 1, 112 | 1048576 113 | ), 114 | new IntParam( 115 | "Time cost", PASSWORD_ARGON2_DEFAULT_TIME_COST, 1, 1024 116 | ), 117 | new IntParam("Threads", PASSWORD_ARGON2_DEFAULT_THREADS, 1, 1024) 118 | ]; 119 | } 120 | 121 | /** 122 | * @inheritdoc 123 | */ 124 | protected function getAlgorithmName() 125 | { 126 | return "Argon2id (Crypt)"; 127 | } 128 | } 129 | -------------------------------------------------------------------------------- /lib/Action/QuotaSync.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Action; 23 | 24 | use OCA\UserSQL\Constant\App; 25 | use OCA\UserSQL\Constant\Opt; 26 | use OCA\UserSQL\Model\User; 27 | use OCA\UserSQL\Properties; 28 | use OCA\UserSQL\Repository\UserRepository; 29 | use OCP\IConfig; 30 | use OCP\ILogger; 31 | 32 | /** 33 | * Synchronizes the user quota. 34 | * 35 | * @author Marcin Łojewski 36 | */ 37 | class QuotaSync implements IUserAction 38 | { 39 | /** 40 | * @var string The application name. 41 | */ 42 | private $appName; 43 | /** 44 | * @var ILogger The logger instance. 45 | */ 46 | private $logger; 47 | /** 48 | * @var Properties The properties array. 49 | */ 50 | private $properties; 51 | /** 52 | * @var IConfig The config instance. 53 | */ 54 | private $config; 55 | /** 56 | * @var UserRepository The user repository. 57 | */ 58 | private $userRepository; 59 | 60 | /** 61 | * The default constructor. 62 | * 63 | * @param string $appName The application name. 64 | * @param ILogger $logger The logger instance. 65 | * @param Properties $properties The properties array. 66 | * @param IConfig $config The config instance. 67 | * @param UserRepository $userRepository The user repository. 68 | */ 69 | public function __construct( 70 | $appName, ILogger $logger, Properties $properties, IConfig $config, 71 | UserRepository $userRepository 72 | ) { 73 | $this->appName = $appName; 74 | $this->logger = $logger; 75 | $this->properties = $properties; 76 | $this->config = $config; 77 | $this->userRepository = $userRepository; 78 | } 79 | 80 | /** 81 | * @inheritdoc 82 | * @throws \OCP\PreConditionNotMetException 83 | */ 84 | public function doAction(User $user) 85 | { 86 | $this->logger->debug( 87 | "Entering QuotaSync#doAction($user->uid)", ["app" => $this->appName] 88 | ); 89 | 90 | $ncQuota = $this->config->getUserValue( 91 | $user->uid, "files", "quota", "" 92 | ); 93 | 94 | $result = false; 95 | 96 | switch ($this->properties[Opt::QUOTA_SYNC]) { 97 | case App::SYNC_INITIAL: 98 | if (empty($ncQuota) && !empty($user->quota)) { 99 | $this->config->setUserValue( 100 | $user->uid, "files", "quota", $user->quota 101 | ); 102 | } 103 | 104 | $result = true; 105 | break; 106 | case App::SYNC_FORCE_NC: 107 | if (!empty($ncQuota) && $user->quota !== $ncQuota) { 108 | $user = $this->userRepository->findByUid($user->uid); 109 | if (!($user instanceof User)) { 110 | break; 111 | } 112 | 113 | $user->quota = $ncQuota; 114 | $result = $this->userRepository->save($user, UserRepository::QUOTA_FIELD); 115 | } 116 | 117 | break; 118 | case App::SYNC_FORCE_SQL: 119 | if (!empty($user->quota) && $user->quota !== $ncQuota) { 120 | $this->config->setUserValue( 121 | $user->uid, "files", "quota", $user->quota 122 | ); 123 | } 124 | 125 | $result = true; 126 | break; 127 | } 128 | 129 | $this->logger->debug( 130 | "Returning QuotaSync#doAction($user->uid): " . ($result ? "true" 131 | : "false"), 132 | ["app" => $this->appName] 133 | ); 134 | 135 | return $result; 136 | } 137 | } 138 | -------------------------------------------------------------------------------- /lib/Action/EmailSync.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Action; 23 | 24 | use OCA\UserSQL\Constant\App; 25 | use OCA\UserSQL\Constant\Opt; 26 | use OCA\UserSQL\Model\User; 27 | use OCA\UserSQL\Properties; 28 | use OCA\UserSQL\Repository\UserRepository; 29 | use OCP\IConfig; 30 | use OCP\ILogger; 31 | 32 | /** 33 | * Synchronizes the user email address. 34 | * 35 | * @author Marcin Łojewski 36 | */ 37 | class EmailSync implements IUserAction 38 | { 39 | /** 40 | * @var string The application name. 41 | */ 42 | private $appName; 43 | /** 44 | * @var ILogger The logger instance. 45 | */ 46 | private $logger; 47 | /** 48 | * @var Properties The properties array. 49 | */ 50 | private $properties; 51 | /** 52 | * @var IConfig The config instance. 53 | */ 54 | private $config; 55 | /** 56 | * @var UserRepository The user repository. 57 | */ 58 | private $userRepository; 59 | 60 | /** 61 | * The default constructor. 62 | * 63 | * @param string $appName The application name. 64 | * @param ILogger $logger The logger instance. 65 | * @param Properties $properties The properties array. 66 | * @param IConfig $config The config instance. 67 | * @param UserRepository $userRepository The user repository. 68 | */ 69 | public function __construct( 70 | $appName, ILogger $logger, Properties $properties, IConfig $config, 71 | UserRepository $userRepository 72 | ) { 73 | $this->appName = $appName; 74 | $this->logger = $logger; 75 | $this->properties = $properties; 76 | $this->config = $config; 77 | $this->userRepository = $userRepository; 78 | } 79 | 80 | /** 81 | * @inheritdoc 82 | * @throws \OCP\PreConditionNotMetException 83 | */ 84 | public function doAction(User $user) 85 | { 86 | $this->logger->debug( 87 | "Entering EmailSync#doAction($user->uid)", ["app" => $this->appName] 88 | ); 89 | 90 | $ncMail = $this->config->getUserValue( 91 | $user->uid, "settings", "email", "" 92 | ); 93 | 94 | $result = false; 95 | 96 | switch ($this->properties[Opt::EMAIL_SYNC]) { 97 | case App::SYNC_INITIAL: 98 | if (empty($ncMail) && !empty($user->email)) { 99 | $this->config->setUserValue( 100 | $user->uid, "settings", "email", $user->email 101 | ); 102 | \OC::$server->getUserManager()->get($user->uid)->setEMailAddress($user->email); 103 | } 104 | 105 | $result = true; 106 | break; 107 | case App::SYNC_FORCE_NC: 108 | if (!empty($ncMail) && $user->email !== $ncMail) { 109 | $user = $this->userRepository->findByUid($user->uid); 110 | if (!($user instanceof User)) { 111 | break; 112 | } 113 | 114 | $user->email = $ncMail; 115 | $result = $this->userRepository->save($user, UserRepository::EMAIL_FIELD); 116 | } 117 | 118 | break; 119 | case App::SYNC_FORCE_SQL: 120 | if (!empty($user->email) && $user->email !== $ncMail) { 121 | $this->config->setUserValue( 122 | $user->uid, "settings", "email", $user->email 123 | ); 124 | \OC::$server->getUserManager()->get($user->uid)->setEMailAddress($user->email); 125 | } 126 | 127 | $result = true; 128 | break; 129 | } 130 | 131 | $this->logger->debug( 132 | "Returning EmailSync#doAction($user->uid): " . ($result ? "true" 133 | : "false"), 134 | ["app" => $this->appName] 135 | ); 136 | 137 | return $result; 138 | } 139 | } 140 | -------------------------------------------------------------------------------- /lib/Action/NameSync.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Björn Kinscher 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Action; 23 | 24 | use OCA\UserSQL\Constant\App; 25 | use OCA\UserSQL\Constant\Opt; 26 | use OCA\UserSQL\Model\User; 27 | use OCA\UserSQL\Properties; 28 | use OCA\UserSQL\Repository\UserRepository; 29 | use OCP\IConfig; 30 | use OCP\ILogger; 31 | 32 | /** 33 | * Synchronizes the user name. 34 | * 35 | * @author Björn Kinscher 36 | */ 37 | class NameSync implements IUserAction 38 | { 39 | /** 40 | * @var string The application name. 41 | */ 42 | private $appName; 43 | /** 44 | * @var ILogger The logger instance. 45 | */ 46 | private $logger; 47 | /** 48 | * @var Properties The properties array. 49 | */ 50 | private $properties; 51 | /** 52 | * @var IConfig The config instance. 53 | */ 54 | private $config; 55 | /** 56 | * @var UserRepository The user repository. 57 | */ 58 | private $userRepository; 59 | 60 | /** 61 | * The default constructor. 62 | * 63 | * @param string $appName The application name. 64 | * @param ILogger $logger The logger instance. 65 | * @param Properties $properties The properties array. 66 | * @param IConfig $config The config instance. 67 | * @param UserRepository $userRepository The user repository. 68 | */ 69 | public function __construct( 70 | $appName, ILogger $logger, Properties $properties, IConfig $config, 71 | UserRepository $userRepository 72 | ) { 73 | $this->appName = $appName; 74 | $this->logger = $logger; 75 | $this->properties = $properties; 76 | $this->config = $config; 77 | $this->userRepository = $userRepository; 78 | } 79 | 80 | /** 81 | * @inheritdoc 82 | * @throws \OCP\PreConditionNotMetException 83 | */ 84 | public function doAction(User $user) 85 | { 86 | $this->logger->debug( 87 | "Entering NameSync#doAction($user->uid)", ["app" => $this->appName] 88 | ); 89 | 90 | $ncName = $this->config->getUserValue( 91 | $user->uid, "settings", "displayName", "" 92 | ); 93 | 94 | $result = false; 95 | 96 | switch ($this->properties[Opt::NAME_SYNC]) { 97 | case App::SYNC_INITIAL: 98 | if (empty($ncName) && !empty($user->name)) { 99 | $this->config->setUserValue( 100 | $user->uid, "settings", "displayName", $user->name 101 | ); 102 | \OC::$server->getUserManager()->get($user->uid)->setDisplayName($user->name); 103 | } 104 | 105 | $result = true; 106 | break; 107 | case App::SYNC_FORCE_NC: 108 | if (!empty($ncName) && $user->name !== $ncName) { 109 | $user = $this->userRepository->findByUid($user->uid); 110 | if (!($user instanceof User)) { 111 | break; 112 | } 113 | 114 | $user->name = $ncName; 115 | $result = $this->userRepository->save($user, UserRepository::DISPLAY_NAME_FIELD); 116 | } 117 | 118 | break; 119 | case App::SYNC_FORCE_SQL: 120 | if (!empty($user->name) && $user->name !== $ncName) { 121 | $this->config->setUserValue( 122 | $user->uid, "settings", "displayName", $user->name 123 | ); 124 | \OC::$server->getUserManager()->get($user->uid)->setDisplayName($user->name); 125 | } 126 | 127 | $result = true; 128 | break; 129 | } 130 | 131 | $this->logger->debug( 132 | "Returning NameSync#doAction($user->uid): " . ($result ? "true" 133 | : "false"), 134 | ["app" => $this->appName] 135 | ); 136 | 137 | return $result; 138 | } 139 | } 140 | -------------------------------------------------------------------------------- /lib/Platform/AbstractPlatform.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Platform; 23 | 24 | use Doctrine\DBAL\DBALException; 25 | use OC\DB\Connection; 26 | 27 | /** 28 | * Database platform tools. 29 | * 30 | * @author Marcin Łojewski 31 | */ 32 | abstract class AbstractPlatform 33 | { 34 | /** 35 | * @var Connection The database connection. 36 | */ 37 | protected $connection; 38 | 39 | /** 40 | * The class constructor. 41 | * 42 | * @param Connection $connection The database connection. 43 | */ 44 | public function __construct(Connection $connection) 45 | { 46 | $this->connection = $connection; 47 | } 48 | 49 | /** 50 | * Get all the tables defined in the database. 51 | * 52 | * @param string $phrase Show only tables containing given phrase. 53 | * @param bool $schemaPrefix Show schema name in the results. 54 | * 55 | * @return array Array with table names. 56 | * @throws DBALException On a database exception. 57 | */ 58 | public function getTables($phrase = "", $schemaPrefix = false) 59 | { 60 | $platform = $this->connection->getDatabasePlatform(); 61 | 62 | $queryTables = $platform->getListTablesSQL(); 63 | $queryViews = $platform->getListViewsSQL( 64 | $this->connection->getDatabase() 65 | ); 66 | 67 | $tables = array(); 68 | 69 | $result = $this->connection->executeQuery($queryTables); 70 | while ($row = $result->fetch()) { 71 | $name = $this->getTableName($row, $schemaPrefix); 72 | if (preg_match("/.*$phrase.*/i", $name)) { 73 | $tables[] = $name; 74 | } 75 | } 76 | 77 | $result = $this->connection->executeQuery($queryViews); 78 | while ($row = $result->fetch()) { 79 | $name = $this->getViewName($row, $schemaPrefix); 80 | if (preg_match("/.*$phrase.*/i", $name)) { 81 | $tables[] = $name; 82 | } 83 | } 84 | 85 | return $tables; 86 | } 87 | 88 | /** 89 | * Get a table name from a query result row. 90 | * 91 | * @param array $row The query result row. 92 | * @param string $schema Put schema name in the result. 93 | * 94 | * @return string The table name retrieved from the row. 95 | */ 96 | protected abstract function getTableName($row, $schema); 97 | 98 | /** 99 | * Get a view name from a query result row. 100 | * 101 | * @param array $row The query result row. 102 | * @param string $schema Put schema name in the result. 103 | * 104 | * @return string The view name retrieved from the row. 105 | */ 106 | protected abstract function getViewName($row, $schema); 107 | 108 | /** 109 | * Get all the columns defined in the table. 110 | * 111 | * @param string $table The table name. 112 | * @param string $phrase Show only columns containing given phrase. 113 | * 114 | * @return array Array with column names. 115 | * @throws DBALException On a database exception. 116 | */ 117 | public function getColumns($table, $phrase = "") 118 | { 119 | $platform = $this->connection->getDatabasePlatform(); 120 | $query = $platform->getListTableColumnsSQL($table); 121 | $result = $this->connection->executeQuery($query); 122 | 123 | $columns = array(); 124 | 125 | while ($row = $result->fetch()) { 126 | $name = $this->getColumnName($row); 127 | if (preg_match("/.*$phrase.*/i", $name)) { 128 | $columns[] = $name; 129 | } 130 | } 131 | 132 | return $columns; 133 | } 134 | 135 | /** 136 | * Get a column name from a query result row. 137 | * 138 | * @param array $row The query result row. 139 | * 140 | * @return string The column name retrieved from the row. 141 | */ 142 | protected abstract function getColumnName($row); 143 | } 144 | -------------------------------------------------------------------------------- /lib/Crypto/Phpass.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Crypto; 23 | 24 | use OCA\UserSQL\Crypto\Param\IntParam; 25 | use OCP\IL10N; 26 | 27 | /** 28 | * phpass hash implementation. 29 | * 30 | * @author Marcin Łojewski 31 | */ 32 | class Phpass extends AbstractAlgorithm 33 | { 34 | const ITOA64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; 35 | 36 | private $iterationCount; 37 | 38 | /** 39 | * The class constructor. 40 | * 41 | * @param IL10N $localization The localization service. 42 | * @param int $iterationCount Iteration count (log2). 43 | * This value must be between 4 and 31. 44 | */ 45 | public function __construct(IL10N $localization, $iterationCount = 8) 46 | { 47 | parent::__construct($localization); 48 | $this->iterationCount = $iterationCount; 49 | } 50 | 51 | /** 52 | * @inheritdoc 53 | */ 54 | public function checkPassword($password, $dbHash, $salt = null) 55 | { 56 | return hash_equals($dbHash, $this->crypt($password, $dbHash)); 57 | } 58 | 59 | /** 60 | * @param string $password Password to encrypt. 61 | * @param string $setting Hash settings. 62 | * 63 | * @return string|null Generated hash. Null on invalid settings. 64 | */ 65 | protected function crypt($password, $setting) 66 | { 67 | $countLog2 = strpos(self::ITOA64, $setting[3]); 68 | if ($countLog2 < 7 || $countLog2 > 30) { 69 | return null; 70 | } 71 | 72 | $count = 1 << $countLog2; 73 | 74 | $salt = substr($setting, 4, 8); 75 | if (strlen($salt) !== 8) { 76 | return null; 77 | } 78 | 79 | $hash = $this->hash($salt . $password); 80 | do { 81 | $hash = $this->hash($hash . $password); 82 | } while (--$count); 83 | 84 | $output = substr($setting, 0, 12); 85 | $output .= $this->encode64($hash, strlen($hash)); 86 | 87 | return $output; 88 | } 89 | 90 | /** 91 | * Apply hash function to input. 92 | * 93 | * @param string $input Input string. 94 | * 95 | * @return string Hashed input. 96 | */ 97 | protected function hash($input) 98 | { 99 | return md5($input, true); 100 | } 101 | 102 | /** 103 | * Encode binary input to base64 string. 104 | * 105 | * @param string $input Binary data. 106 | * @param int $count Data size. 107 | * 108 | * @return string Base64 encoded data. 109 | */ 110 | private function encode64($input, $count) 111 | { 112 | $output = ''; 113 | $i = 0; 114 | do { 115 | $value = ord($input[$i++]); 116 | $output .= self::ITOA64[$value & 0x3f]; 117 | if ($i < $count) { 118 | $value |= ord($input[$i]) << 8; 119 | } 120 | $output .= self::ITOA64[($value >> 6) & 0x3f]; 121 | if ($i++ >= $count) { 122 | break; 123 | } 124 | if ($i < $count) { 125 | $value |= ord($input[$i]) << 16; 126 | } 127 | $output .= self::ITOA64[($value >> 12) & 0x3f]; 128 | if ($i++ >= $count) { 129 | break; 130 | } 131 | $output .= self::ITOA64[($value >> 18) & 0x3f]; 132 | } while ($i < $count); 133 | 134 | return $output; 135 | } 136 | 137 | /** 138 | * @inheritdoc 139 | */ 140 | public function getPasswordHash($password, $salt = null) 141 | { 142 | return $this->crypt($password, $this->genSalt()); 143 | } 144 | 145 | /** 146 | * Generate salt for the hash. 147 | * 148 | * @return string Salt string. 149 | */ 150 | private function genSalt() 151 | { 152 | $output = '$P$'; 153 | $output .= self::ITOA64[min($this->iterationCount + 5, 30)]; 154 | $output .= $this->encode64(random_bytes(6), 6); 155 | 156 | return $output; 157 | } 158 | 159 | /** 160 | * @inheritdoc 161 | */ 162 | public function configuration() 163 | { 164 | return [new IntParam("Iterations (log2)", 8, 4, 31)]; 165 | } 166 | 167 | /** 168 | * @inheritdoc 169 | */ 170 | protected function getAlgorithmName() 171 | { 172 | return "Portable PHP password"; 173 | } 174 | } 175 | -------------------------------------------------------------------------------- /lib/Repository/GroupRepository.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Repository; 23 | 24 | use OCA\UserSQL\Constant\Query; 25 | use OCA\UserSQL\Model\Group; 26 | use OCA\UserSQL\Query\DataQuery; 27 | 28 | /** 29 | * The group repository. 30 | * 31 | * @author Marcin Łojewski 32 | */ 33 | class GroupRepository 34 | { 35 | /** 36 | * @var DataQuery The data query object. 37 | */ 38 | private $dataQuery; 39 | 40 | /** 41 | * The class constructor. 42 | * 43 | * @param DataQuery $dataQuery The data query object. 44 | */ 45 | public function __construct(DataQuery $dataQuery) 46 | { 47 | $this->dataQuery = $dataQuery; 48 | } 49 | 50 | /** 51 | * Get a group entity object. 52 | * 53 | * @param string $gid The group ID. 54 | * 55 | * @return Group The group entity, NULL if it does not exists or 56 | * FALSE on failure. 57 | */ 58 | public function findByGid($gid) 59 | { 60 | return $this->dataQuery->queryEntity( 61 | Query::FIND_GROUP, Group::class, [Query::GID_PARAM => $gid] 62 | ); 63 | } 64 | 65 | /** 66 | * Get all groups a user belongs to. 67 | * 68 | * @param string $uid The user ID. 69 | * 70 | * @return Group[] Array of group entity objects or FALSE on failure. 71 | */ 72 | public function findAllByUid($uid) 73 | { 74 | return $this->dataQuery->queryEntities( 75 | Query::FIND_USER_GROUPS, Group::class, [Query::UID_PARAM => $uid] 76 | ); 77 | } 78 | 79 | /** 80 | * Get a list of all user IDs belonging to the group. 81 | * 82 | * @param string $gid The group ID. 83 | * @param string $search The UID search term. Defaults to "" (empty string). 84 | * @param int $limit (optional) Results limit. 85 | * Defaults to -1 (no limit). 86 | * @param int $offset (optional) Results offset. Defaults to 0. 87 | * 88 | * @return string[] Array of UIDs belonging to the group 89 | * or FALSE on failure. 90 | */ 91 | public function findAllUidsBySearchTerm( 92 | $gid, $search = "", $limit = -1, $offset = 0 93 | ) { 94 | return $this->dataQuery->queryColumn( 95 | Query::FIND_GROUP_UIDS, 96 | [Query::GID_PARAM => $gid, Query::SEARCH_PARAM => $search], $limit, 97 | $offset 98 | ); 99 | } 100 | 101 | /** 102 | * Get a list of all user IDs and their display-name belonging to the group. 103 | * 104 | * @param string $gid The group ID. 105 | * @param string $search The UID search term. Defaults to "" (empty string). 106 | * @param int $limit (optional) Results limit. 107 | * Defaults to -1 (no limit). 108 | * @param int $offset (optional) Results offset. Defaults to 0. 109 | * 110 | * @return array Array of display-names indexed by UIDs belonging to the group 111 | * or FALSE on failure. 112 | */ 113 | public function findAllUsersBySearchTerm( 114 | $gid, $search = "", $limit = -1, $offset = 0 115 | ) { 116 | $data = $this->dataQuery->queryColumns( 117 | Query::FIND_GROUP_USERS, 118 | [Query::GID_PARAM => $gid, Query::SEARCH_PARAM => $search], $limit, 119 | $offset 120 | ); 121 | return array_column($data, QUERY::NAME_PARAM, Query::UID_PARAM); 122 | } 123 | 124 | /** 125 | * Get an array of group entity objects. 126 | * 127 | * @param string $search The search term. Defaults to "" (empty string). 128 | * @param int $limit (optional) Results limit. 129 | * Defaults to -1 (no limit). 130 | * @param int $offset (optional) Results offset. Defaults to 0. 131 | * 132 | * @return Group[] Array of group entity objects or FALSE on failure. 133 | */ 134 | public function findAllBySearchTerm($search = "", $limit = -1, $offset = 0) 135 | { 136 | return $this->dataQuery->queryEntities( 137 | Query::FIND_GROUPS, Group::class, [Query::SEARCH_PARAM => $search], 138 | $limit, $offset 139 | ); 140 | } 141 | 142 | /** 143 | * Get the number of users in given group matching the search term. 144 | * 145 | * @param string $gid The group ID. 146 | * @param string $search The UID search term. Defaults to "" (empty string). 147 | * 148 | * @return int The number of users in given group matching the search term 149 | * or FALSE on failure. 150 | */ 151 | public function countAll($gid, $search = "") 152 | { 153 | return $this->dataQuery->queryValue( 154 | Query::COUNT_GROUPS, 155 | [Query::GID_PARAM => $gid, Query::SEARCH_PARAM => $search] 156 | ); 157 | } 158 | 159 | /** 160 | * Find out if the user belongs to any admin group. 161 | * 162 | * @param string $uid The user ID. 163 | * 164 | * @return bool|null TRUE if the user belongs to any admin group, 165 | * FALSE if not, NULL on failure. 166 | */ 167 | public function belongsToAdmin($uid) 168 | { 169 | return $this->dataQuery->queryValue( 170 | Query::BELONGS_TO_ADMIN, [Query::UID_PARAM => $uid], null 171 | ); 172 | } 173 | } 174 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | All notable changes to this project will be documented in this file. 3 | 4 | The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/) 5 | and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html). 6 | 7 | ## [4.7.1] 8 | - Support for Nextcloud 22, 23 9 | 10 | ## [4.7.0] 11 | ### Changed 12 | - Support for Doctrine 3 13 | - Support for Nextcloud 21 only 14 | 15 | ## [4.6.0] - 2021-01-16 16 | ### Fixed 17 | - [issue#123](https://github.com/nextcloud/user_sql/issues/123) - sync exception - Duplicate entry 18 | ### Added 19 | - Support for Nextcloud 20 20 | 21 | ## [4.5.0] - 2020-04-13 22 | ### Added 23 | - Support for Nextcloud 19 24 | - Argon2id support 25 | - System wide values option 26 | - Allow email login option 27 | - UID user table column 28 | - GID user table column 29 | - HMAC hash implementation 30 | - Default group option 31 | 32 | ## [4.4.1] - 2020-02-02 33 | ### Fixed 34 | - Issue generating 'Object of class Closure could not be converted to string' log message 35 | 36 | ## [4.4.0] - 2019-10-09 37 | ### Added 38 | - Users can confirm passwords 39 | - Support Nextcloud password_policy 40 | - Support for Nextcloud 18 41 | - Name sync option 42 | 43 | ### Fixed 44 | - Getting user display names backend 45 | - Do not include users which are disabled 46 | 47 | ### Changed 48 | - Extend user/group search 49 | 50 | ## [4.3.0] - 2018-12-30 51 | ### Added 52 | - Reverse active column option 53 | - Support for Nextcloud 16 54 | - Set default value for "provide avatar" option 55 | - Set hash algorithm parameters 56 | 57 | ## [4.2.1] - 2018-12-22 58 | ### Fixed 59 | - SQL error when same column names given in several tables 60 | 61 | ## [4.2.0] - 2018-12-16 62 | ### Added 63 | - Support for Nextcloud 15 64 | - Redmine, SHA-256, SHA-512 hash algorithms 65 | 66 | ### Fixed 67 | - Loading user list when display name is null 68 | - Hide "password change form" when "Allow password change" not set 69 | 70 | ### Changed 71 | - Append salt only when checked. Not by default 72 | 73 | ## [4.1.0] - 2018-10-28 74 | ### Added 75 | - Whirlpool hash algorithm 76 | - 'Prepend salt' toggle 77 | - Drupal 7 hash algorithm 78 | - 'Case-insensitive username' option 79 | 80 | ### Fixed 81 | - Error when 'Display name' not set 82 | - Encoding of iteration for 'Extended DES (Crypt)' 83 | - 'Trying to get property of non-object' warning 84 | 85 | ## [4.0.1] - 2018-08-16 86 | ### Fixed 87 | - Leftover lines break the admin page 88 | 89 | ## [4.0.0] - 2018-08-11 90 | ### Added 91 | - SHA512 Whirlpool hash algorithm 92 | - WoltLab Community Framework 2.x hash algorithm 93 | - phpass hash implementation 94 | - Support for salt column 95 | - User quota synchronization 96 | 97 | ### Changed 98 | - Example SQL script in README file 99 | - Fixed misspelling 100 | - Support for Nextcloud 14 only 101 | - Group backend implementation 102 | - User backend implementation 103 | 104 | ### Fixed 105 | - Table and column autocomplete in settings panel 106 | 107 | ## [4.0.0-rc2] - 2018-06-14 108 | ### Added 109 | - User active column 110 | 111 | ### Changed 112 | - Fixed "Use of undefined constant" error for Argon2 Crypt with PHP below 7.2. 113 | 114 | ## [4.0.0-rc1] - 2018-06-13 115 | ### Added 116 | - New hash algorithms: Argon2 Crypt (PHP 7.2 and above), Blowfish Crypt, Courier base64-encoded MD5, Courier base64-encoded SHA1, Courier base64-encoded SHA256, Courier hexadecimal MD5, Extended DES Crypt, SHA256 Crypt, SHA512 Crypt, SSHA512, Standard DES Crypt 117 | - Option to allow users to change their display names 118 | - Option to allow user to change its avatar 119 | - Database query results cache 120 | - Option for group display name 121 | - Option for group is admin flag 122 | 123 | ### Changed 124 | - The whole core implementation, which is NOT COMPATIBLE with the previous versions. 125 | - Minimum supported PHP version - 7.0 126 | 127 | ### Removed 128 | - MySQL ENCRYPT() hash implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release. 129 | - MySQL PASSWORD() hash implementation - Function is deprecated as of MySQL 5.7.6 and will be removed in a future MySQL release. 130 | - Redmine hash implementation - Cannot implement in new core system. 131 | - User active column - Use database view instead 132 | - Domain support 133 | 134 | ## [3.1.0] - 2018-02-06 135 | ### Added 136 | - Column autocomplete for PostgreSQL 137 | - Currently supported parameters in README.md 138 | - SALT support for password algorithms "system" and "password_hash" 139 | 140 | ### Changed 141 | - Updated README.me file 142 | - Nextcloud 12 & 13 support 143 | - Moved files to be more on the standard places 144 | - Renamed some files to be more standard like 145 | - Source code changes to be more standard like (max 80 characters) 146 | 147 | ### Fixed 148 | - Column autocomplete in "Groups Settings" 149 | - Security fix for password length sniffing attacks 150 | - Small bug fixes 151 | 152 | ## Removed 153 | - Code for supervisor mode 154 | 155 | ## 2.4.0 - 2017-12-26 156 | ### Added 157 | - This CHANGELOG.md file 158 | - Support for PHP 7 159 | - SHA1 hash algorithm support 160 | - Groups option 161 | - Supervisor option 162 | 163 | ### Changed 164 | - Supported version of ownCloud, Nextcloud: ownCloud 10, Nextcloud 12 165 | 166 | [4.7.1]: https://github.com/nextcloud/user_sql/compare/v4.7.0...v4.7.1 167 | [4.7.0]: https://github.com/nextcloud/user_sql/compare/v4.6.0...v4.7.0 168 | [4.6.0]: https://github.com/nextcloud/user_sql/compare/v4.5.0...v4.6.0 169 | [4.5.0]: https://github.com/nextcloud/user_sql/compare/v4.4.1...v4.5.0 170 | [4.4.1]: https://github.com/nextcloud/user_sql/compare/v4.4.0...v4.4.1 171 | [4.4.0]: https://github.com/nextcloud/user_sql/compare/v4.3.0...v4.4.0 172 | [4.3.0]: https://github.com/nextcloud/user_sql/compare/v4.2.1...v4.3.0 173 | [4.2.1]: https://github.com/nextcloud/user_sql/compare/v4.2.0...v4.2.1 174 | [4.2.0]: https://github.com/nextcloud/user_sql/compare/v4.1.0...v4.2.0 175 | [4.1.0]: https://github.com/nextcloud/user_sql/compare/v4.0.1...v4.1.0 176 | [4.0.1]: https://github.com/nextcloud/user_sql/compare/v4.0.0...v4.0.1 177 | [4.0.0]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc2...v4.0.0 178 | [4.0.0-rc2]: https://github.com/nextcloud/user_sql/compare/v4.0.0-rc1...v4.0.0-rc2 179 | [4.0.0-rc1]: https://github.com/nextcloud/user_sql/compare/v3.1.0...v4.0.0-rc1 180 | [3.1.0]: https://github.com/nextcloud/user_sql/compare/v2.4.0...v3.1.0 181 | -------------------------------------------------------------------------------- /lib/Repository/UserRepository.php: -------------------------------------------------------------------------------- 1 | 6 | * @author Marcin Łojewski 7 | * 8 | * This program is free software: you can redistribute it and/or modify 9 | * it under the terms of the GNU Affero General Public License as 10 | * published by the Free Software Foundation, either version 3 of the 11 | * License, or (at your option) any later version. 12 | * 13 | * This program is distributed in the hope that it will be useful, 14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of 15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 | * GNU Affero General Public License for more details. 17 | * 18 | * You should have received a copy of the GNU Affero General Public License 19 | * along with this program. If not, see . 20 | */ 21 | 22 | namespace OCA\UserSQL\Repository; 23 | 24 | use OCA\UserSQL\Constant\Query; 25 | use OCA\UserSQL\Model\User; 26 | use OCA\UserSQL\Query\DataQuery; 27 | 28 | /** 29 | * The user repository. 30 | * 31 | * @author Marcin Łojewski 32 | */ 33 | class UserRepository 34 | { 35 | const DISPLAY_NAME_FIELD = 0b0001; 36 | const EMAIL_FIELD = 0b0010; 37 | const PASSWORD_FIELD = 0b0100; 38 | const QUOTA_FIELD = 0b1000; 39 | 40 | /** 41 | * @var DataQuery The data query object. 42 | */ 43 | private $dataQuery; 44 | 45 | /** 46 | * The class constructor. 47 | * 48 | * @param DataQuery $dataQuery The data query object. 49 | */ 50 | public function __construct(DataQuery $dataQuery) 51 | { 52 | $this->dataQuery = $dataQuery; 53 | } 54 | 55 | /** 56 | * Get an user entity object. 57 | * 58 | * @param mixed $uid The user ID. 59 | * 60 | * @return User The user entity, NULL if it does not exists or 61 | * FALSE on failure. 62 | */ 63 | public function findByUid($uid) 64 | { 65 | return $this->dataQuery->queryEntity( 66 | Query::FIND_USER_BY_UID, User::class, [Query::UID_PARAM => $uid] 67 | ); 68 | } 69 | 70 | /** 71 | * Get an user entity object. 72 | * 73 | * @param string $username The username. 74 | * @param bool $caseSensitive TRUE for case sensitive search, 75 | * FALSE for case insensitive search. 76 | * 77 | * @return User The user entity, NULL if it does not exists or 78 | * FALSE on failure. 79 | */ 80 | public function findByUsername($username, $caseSensitive = true) 81 | { 82 | if ($caseSensitive) { 83 | return $this->dataQuery->queryEntity( 84 | Query::FIND_USER_BY_USERNAME, User::class, [Query::USERNAME_PARAM => $username] 85 | ); 86 | } else { 87 | return $this->dataQuery->queryEntity( 88 | Query::FIND_USER_BY_USERNAME_CASE_INSENSITIVE, User::class, [Query::USERNAME_PARAM => $username] 89 | ); 90 | } 91 | } 92 | 93 | /** 94 | * Get an user entity object. 95 | * 96 | * @param string $query The username or email address. 97 | * @param bool $caseSensitive TRUE for case sensitive search, 98 | * FALSE for case insensitive search. 99 | * 100 | * @return User The user entity, NULL if it does not exists or 101 | * FALSE on failure. 102 | */ 103 | public function findByUsernameOrEmail($query, $caseSensitive = true) 104 | { 105 | if ($caseSensitive) { 106 | return $this->dataQuery->queryEntity( 107 | Query::FIND_USER_BY_USERNAME_OR_EMAIL, User::class, 108 | [Query::USERNAME_PARAM => $query, Query::EMAIL_PARAM => $query] 109 | ); 110 | } else { 111 | return $this->dataQuery->queryEntity( 112 | Query::FIND_USER_BY_USERNAME_OR_EMAIL_CASE_INSENSITIVE, User::class, 113 | [Query::USERNAME_PARAM => $query, Query::EMAIL_PARAM => $query] 114 | ); 115 | } 116 | } 117 | 118 | /** 119 | * Get an array of user entity objects. 120 | * 121 | * @param string $search The search term. Defaults to "" (empty string). 122 | * @param int $limit (optional) Results limit. 123 | * Defaults to -1 (no limit). 124 | * @param int $offset (optional) Results offset. Defaults to 0. 125 | * 126 | * @return User[] Array of user entity objects or FALSE on failure. 127 | */ 128 | public function findAllBySearchTerm($search = "", $limit = -1, $offset = 0) 129 | { 130 | return $this->dataQuery->queryEntities( 131 | Query::FIND_USERS, User::class, [Query::SEARCH_PARAM => $search], 132 | $limit, $offset 133 | ); 134 | } 135 | 136 | /** 137 | * Get the number of users. 138 | * 139 | * @param string $search The search term. Defaults to "" (empty string). 140 | * 141 | * @return int The number of users or FALSE on failure. 142 | */ 143 | public function countAll($search = "") 144 | { 145 | return $this->dataQuery->queryValue( 146 | Query::COUNT_USERS, [Query::SEARCH_PARAM => $search] 147 | ); 148 | } 149 | 150 | /** 151 | * Save an user entity object. 152 | * 153 | * @param User $user The user entity. 154 | * @param int $fields Fields to update. 155 | * 156 | * @return bool TRUE on success, FALSE otherwise. 157 | */ 158 | public function save($user, $fields) 159 | { 160 | $status = true; 161 | 162 | if ($fields & self::DISPLAY_NAME_FIELD) { 163 | $status =& $this->dataQuery->update( 164 | Query::UPDATE_DISPLAY_NAME, [ 165 | Query::NAME_PARAM => $user->name, 166 | Query::UID_PARAM => $user->uid 167 | ] 168 | ); 169 | } 170 | if ($fields & self::PASSWORD_FIELD) { 171 | $status =& $this->dataQuery->update( 172 | Query::UPDATE_PASSWORD, [ 173 | Query::PASSWORD_PARAM => $user->password, 174 | Query::UID_PARAM => $user->uid 175 | ] 176 | ); 177 | } 178 | if ($fields & self::EMAIL_FIELD) { 179 | $status =& $this->dataQuery->update( 180 | Query::UPDATE_EMAIL, [ 181 | Query::EMAIL_PARAM => $user->email, 182 | Query::UID_PARAM => $user->uid 183 | ] 184 | ); 185 | } 186 | if ($fields & self::QUOTA_FIELD) { 187 | $status =& $this->dataQuery->update( 188 | Query::UPDATE_QUOTA, [ 189 | Query::QUOTA_PARAM => $user->quota, 190 | Query::UID_PARAM => $user->uid 191 | ] 192 | ); 193 | } 194 | 195 | return $status; 196 | } 197 | } 198 | --------------------------------------------------------------------------------