Merge pull request #31637 from nextcloud/add-password-reset-typed-events

Add password reset typed events and modernize LostController
nextcloud · Jun 13, 2022 · 12e3e85 · 12e3e85
2 parents 7f8b032 + abe5ff3
commit 12e3e85
Show file tree

Hide file tree

Showing 6 changed files with 228 additions and 65 deletions.
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
@@ -35,17 +35,21 @@
  */
 namespace OC\Core\Controller;
 
+use Exception;
 use OC\Authentication\TwoFactorAuth\Manager;
+use OC\Core\Events\BeforePasswordResetEvent;
+use OC\Core\Events\PasswordResetEvent;
 use OC\Core\Exception\ResetPasswordException;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\TemplateResponse;
+use OCP\AppFramework\Services\IInitialState;
 use OCP\Defaults;
 use OCP\Encryption\IEncryptionModule;
 use OCP\Encryption\IManager;
+use OCP\EventDispatcher\IEventDispatcher;
 use OCP\HintException;
 use OCP\IConfig;
-use OCP\IInitialStateService;
 use OCP\IL10N;
 use OCP\IRequest;
 use OCP\IURLGenerator;
@@ -77,8 +81,9 @@ class LostController extends Controller {
  protected IMailer $mailer;
  private LoggerInterface $logger;
  private Manager $twoFactorManager;
- private IInitialStateService $initialStateService;
+ private IInitialState $initialState;
  private IVerificationToken $verificationToken;
+ private IEventDispatcher $eventDispatcher;
 
  public function __construct(
  string $appName,
@@ -88,13 +93,14 @@ public function __construct(
  Defaults $defaults,
  IL10N $l10n,
  IConfig $config,
- $defaultMailAddress,
+ string $defaultMailAddress,
  IManager $encryptionManager,
  IMailer $mailer,
  LoggerInterface $logger,
  Manager $twoFactorManager,
- IInitialStateService $initialStateService,
- IVerificationToken $verificationToken
+ IInitialState $initialState,
+ IVerificationToken $verificationToken,
+ IEventDispatcher $eventDispatcher
  ) {
  parent::__construct($appName, $request);
  $this->urlGenerator = $urlGenerator;
@@ -107,8 +113,9 @@ public function __construct(
  $this->mailer = $mailer;
  $this->logger = $logger;
  $this->twoFactorManager = $twoFactorManager;
- $this->initialStateService = $initialStateService;
+ $this->initialState = $initialState;
  $this->verificationToken = $verificationToken;
+ $this->eventDispatcher = $eventDispatcher;
  }
 
  /**
@@ -120,7 +127,7 @@ public function __construct(
  public function resetform(string $token, string $userId): TemplateResponse {
  try {
  $this->checkPasswordResetToken($token, $userId);
- } catch (\Exception $e) {
+ } catch (Exception $e) {
  if ($this->config->getSystemValue('lost_password_link', '') !== 'disabled'
  || ($e instanceof InvalidTokenException
  && !in_array($e->getCode(), [InvalidTokenException::TOKEN_NOT_FOUND, InvalidTokenException::USER_UNKNOWN]))
@@ -138,8 +145,8 @@ public function resetform(string $token, string $userId): TemplateResponse {
  TemplateResponse::RENDER_AS_GUEST
  );
  }
- $this->initialStateService->provideInitialState('core', 'resetPasswordUser', $userId);
- $this->initialStateService->provideInitialState('core', 'resetPasswordTarget',
+ $this->initialState->provideInitialState('resetPasswordUser', $userId);
+ $this->initialState->provideInitialState('resetPasswordTarget',
  $this->urlGenerator->linkToRouteAbsolute('core.lost.setPassword', ['userId' => $userId, 'token' => $token])
  );
 
@@ -152,7 +159,7 @@ public function resetform(string $token, string $userId): TemplateResponse {
  }
 
  /**
- * @throws \Exception
+ * @throws Exception
  */
  protected function checkPasswordResetToken(string $token, string $userId): void {
  try {
@@ -162,7 +169,7 @@ protected function checkPasswordResetToken(string $token, string $userId): void
  $error = $e->getCode() === InvalidTokenException::TOKEN_EXPIRED
  ? $this->l10n->t('Could not reset password because the token is expired')
  : $this->l10n->t('Could not reset password because the token is invalid');
- throw new \Exception($error, (int)$e->getCode(), $e);
+ throw new Exception($error, (int)$e->getCode(), $e);
  }
  }
 
@@ -196,7 +203,7 @@ public function email(string $user): JSONResponse {
  } catch (ResetPasswordException $e) {
  // Ignore the error since we do not want to leak this info
  $this->logger->warning('Could not send password reset email: ' . $e->getMessage());
- } catch (\Exception $e) {
+ } catch (Exception $e) {
  $this->logger->error($e->getMessage(), ['exception' => $e]);
  }
 
@@ -225,12 +232,14 @@ public function setPassword(string $token, string $userId, string $password, boo
  $this->checkPasswordResetToken($token, $userId);
  $user = $this->userManager->get($userId);
 
+ $this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password));
  \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]);
 
  if (!$user->setPassword($password)) {
- throw new \Exception();
+ throw new Exception();
  }
 
+ $this->eventDispatcher->dispatchTyped(new PasswordResetEvent($user, $password));
  \OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'post_passwordReset', ['uid' => $userId, 'password' => $password]);
 
  $this->twoFactorManager->clearTwoFactorPending($userId);
@@ -239,7 +248,7 @@ public function setPassword(string $token, string $userId, string $password, boo
  @\OC::$server->getUserSession()->unsetMagicInCookie();
  } catch (HintException $e) {
  return $this->error($e->getHint());
- } catch (\Exception $e) {
+ } catch (Exception $e) {
  return $this->error($e->getMessage());
  }
 
@@ -292,7 +301,7 @@ protected function sendEmail(string $input): void {
  $message->setFrom([$this->from => $this->defaults->getName()]);
  $message->useTemplate($emailTemplate);
  $this->mailer->send($message);
- } catch (\Exception $e) {
+ } catch (Exception $e) {
  // Log the exception and continue
  $this->logger->error($e->getMessage(), ['app' => 'core', 'exception' => $e]);
  }

diff --git a/core/Events/BeforePasswordResetEvent.php b/core/Events/BeforePasswordResetEvent.php
@@ -0,0 +1,63 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2019 Christoph Wurst <[email protected]>
+ *
+ * @author Christoph Wurst <[email protected]>
+ * @author Morris Jobke <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OC\Core\Events;
+
+use OCP\EventDispatcher\Event;
+use OCP\IUser;
+
+/**
+ * Emitted before the user password is reset.
+ *
+ * @since 25.0.0
+ */
+class BeforePasswordResetEvent extends Event {
+ private IUser $user;
+ private string $password;
+
+ /**
+ * @since 25.0.0
+ */
+ public function __construct(IUser $user, string $password) {
+ parent::__construct();
+ $this->user = $user;
+ $this->password = $password;
+ }
+
+ /**
+ * @since 25.0.0
+ */
+ public function getUser(): IUser {
+ return $this->user;
+ }
+
+ /**
+ * @since 25.0.0
+ */
+ public function getPassword(): string {
+ return $this->password;
+ }
+}
diff --git a/core/Events/PasswordResetEvent.php b/core/Events/PasswordResetEvent.php
@@ -0,0 +1,63 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright 2019 Christoph Wurst <[email protected]>
+ *
+ * @author Christoph Wurst <[email protected]>
+ * @author Morris Jobke <[email protected]>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+namespace OC\Core\Events;
+
+use OCP\EventDispatcher\Event;
+use OCP\IUser;
+
+/**
+ * Emitted after the user password is reset.
+ *
+ * @since 25.0.0
+ */
+class PasswordResetEvent extends Event {
+ private IUser $user;
+ private string $password;
+
+ /**
+ * @since 25.0.0
+ */
+ public function __construct(IUser $user, string $password) {
+ parent::__construct();
+ $this->user = $user;
+ $this->password = $password;
+ }
+
+ /**
+ * @since 25.0.0
+ */
+ public function getUser(): IUser {
+ return $this->user;
+ }
+
+ /**
+ * @since 25.0.0
+ */
+ public function getPassword(): string {
+ return $this->password;
+ }
+}
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php
@@ -981,6 +981,8 @@
  'OC\\Core\\Db\\LoginFlowV2Mapper' => $baseDir . '/core/Db/LoginFlowV2Mapper.php',
  'OC\\Core\\Db\\ProfileConfig' => $baseDir . '/core/Db/ProfileConfig.php',
  'OC\\Core\\Db\\ProfileConfigMapper' => $baseDir . '/core/Db/ProfileConfigMapper.php',
+ 'OC\\Core\\Events\\BeforePasswordResetEvent' => $baseDir . '/core/Events/BeforePasswordResetEvent.php',
+ 'OC\\Core\\Events\\PasswordResetEvent' => $baseDir . '/core/Events/PasswordResetEvent.php',
  'OC\\Core\\Exception\\LoginFlowV2NotFoundException' => $baseDir . '/core/Exception/LoginFlowV2NotFoundException.php',
  'OC\\Core\\Exception\\ResetPasswordException' => $baseDir . '/core/Exception/ResetPasswordException.php',
  'OC\\Core\\Middleware\\TwoFactorMiddleware' => $baseDir . '/core/Middleware/TwoFactorMiddleware.php',

diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php
@@ -1014,6 +1014,8 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2
  'OC\\Core\\Db\\LoginFlowV2Mapper' => __DIR__ . '/../../..' . '/core/Db/LoginFlowV2Mapper.php',
  'OC\\Core\\Db\\ProfileConfig' => __DIR__ . '/../../..' . '/core/Db/ProfileConfig.php',
  'OC\\Core\\Db\\ProfileConfigMapper' => __DIR__ . '/../../..' . '/core/Db/ProfileConfigMapper.php',
+ 'OC\\Core\\Events\\BeforePasswordResetEvent' => __DIR__ . '/../../..' . '/core/Events/BeforePasswordResetEvent.php',
+ 'OC\\Core\\Events\\PasswordResetEvent' => __DIR__ . '/../../..' . '/core/Events/PasswordResetEvent.php',
  'OC\\Core\\Exception\\LoginFlowV2NotFoundException' => __DIR__ . '/../../..' . '/core/Exception/LoginFlowV2NotFoundException.php',
  'OC\\Core\\Exception\\ResetPasswordException' => __DIR__ . '/../../..' . '/core/Exception/ResetPasswordException.php',
  'OC\\Core\\Middleware\\TwoFactorMiddleware' => __DIR__ . '/../../..' . '/core/Middleware/TwoFactorMiddleware.php',