From 6a8d61504ef46746860a0c149ad2789f10d2450e Mon Sep 17 00:00:00 2001 From: Maxence Lange Date: Mon, 11 Nov 2024 23:21:11 -0100 Subject: [PATCH] fix(ocm): move API to NCU Signed-off-by: Maxence Lange --- .../cloud_federation_api/lib/Capabilities.php | 8 +-- .../Controller/RequestHandlerController.php | 12 ++-- lib/composer/composer/autoload_classmap.php | 48 ++++++++-------- lib/composer/composer/autoload_static.php | 48 ++++++++-------- .../CloudFederationProviderManager.php | 2 +- lib/private/OCM/Model/OCMProvider.php | 4 +- lib/private/OCM/OCMSignatoryManager.php | 18 +++--- .../PublicPrivateKeyPairs/KeyPairManager.php | 8 +-- .../PublicPrivateKeyPairs/Model/KeyPair.php | 2 +- .../Signature/Model/IncomingSignedRequest.php | 18 ++++-- .../Signature/Model/OutgoingSignedRequest.php | 3 +- .../Security/Signature/Model/Signatory.php | 8 +-- .../Signature/Model/SignedRequest.php | 6 +- .../Security/Signature/SignatureManager.php | 56 ++++++++++--------- lib/private/Server.php | 4 +- lib/public/OCM/IOCMProvider.php | 2 +- .../Exceptions/KeyPairConflictException.php | 4 +- .../Exceptions/KeyPairException.php | 4 +- .../Exceptions/KeyPairNotFoundException.php | 4 +- .../PublicPrivateKeyPairs/IKeyPairManager.php | 20 +++---- .../PublicPrivateKeyPairs/Model/IKeyPair.php | 20 +++---- .../Exceptions/IncomingRequestException.php | 4 +- .../IncomingRequestNotFoundException.php | 4 +- .../Exceptions/InvalidKeyOriginException.php | 4 +- .../Exceptions/InvalidSignatureException.php | 4 +- .../Exceptions/SignatoryConflictException.php | 4 +- .../Exceptions/SignatoryException.php | 4 +- .../Exceptions/SignatoryNotFoundException.php | 4 +- .../Exceptions/SignatureException.php | 4 +- .../SignatureIdentityNotFoundException.php | 4 +- .../Exceptions/SignatureNotFoundException.php | 4 +- .../Security/Signature/ISignatoryManager.php | 16 +++--- .../Security/Signature/ISignatureManager.php | 30 +++++----- .../Model/IIncomingSignedRequest.php | 24 ++++---- .../Model/IOutgoingSignedRequest.php | 22 ++++---- .../Security/Signature/Model/ISignatory.php | 37 ++++++------ .../Signature/Model/ISignedRequest.php | 24 ++++---- .../Signature/Model/SignatoryStatus.php | 8 +-- .../Signature/Model/SignatoryType.php | 12 ++-- .../Security/Signature/SignatureAlgorithm.php | 8 +-- 40 files changed, 269 insertions(+), 251 deletions(-) rename lib/{public => unstable}/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php (77%) rename lib/{public => unstable}/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php (77%) rename lib/{public => unstable}/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php (73%) rename lib/{public => unstable}/Security/PublicPrivateKeyPairs/IKeyPairManager.php (81%) rename lib/{public => unstable}/Security/PublicPrivateKeyPairs/Model/IKeyPair.php (81%) rename lib/{public => unstable}/Security/Signature/Exceptions/IncomingRequestException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/IncomingRequestNotFoundException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/InvalidKeyOriginException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/InvalidSignatureException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/SignatoryConflictException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/SignatoryException.php (76%) rename lib/{public => unstable}/Security/Signature/Exceptions/SignatoryNotFoundException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/SignatureException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php (77%) rename lib/{public => unstable}/Security/Signature/Exceptions/SignatureNotFoundException.php (77%) rename lib/{public => unstable}/Security/Signature/ISignatoryManager.php (85%) rename lib/{public => unstable}/Security/Signature/ISignatureManager.php (87%) rename lib/{public => unstable}/Security/Signature/Model/IIncomingSignedRequest.php (87%) rename lib/{public => unstable}/Security/Signature/Model/IOutgoingSignedRequest.php (85%) rename lib/{public => unstable}/Security/Signature/Model/ISignatory.php (84%) rename lib/{public => unstable}/Security/Signature/Model/ISignedRequest.php (84%) rename lib/{public => unstable}/Security/Signature/Model/SignatoryStatus.php (77%) rename lib/{public => unstable}/Security/Signature/Model/SignatoryType.php (80%) rename lib/{public => unstable}/Security/Signature/SignatureAlgorithm.php (72%) diff --git a/apps/cloud_federation_api/lib/Capabilities.php b/apps/cloud_federation_api/lib/Capabilities.php index e6bc7228aaae8..97d959d6fe343 100644 --- a/apps/cloud_federation_api/lib/Capabilities.php +++ b/apps/cloud_federation_api/lib/Capabilities.php @@ -8,14 +8,14 @@ */ namespace OCA\CloudFederationAPI; +use NCU\Security\PublicPrivateKeyPairs\Exceptions\KeyPairException; +use NCU\Security\Signature\Exceptions\SignatoryException; use OC\OCM\OCMSignatoryManager; use OCP\Capabilities\ICapability; use OCP\IAppConfig; use OCP\IURLGenerator; use OCP\OCM\Exceptions\OCMArgumentException; use OCP\OCM\IOCMProvider; -use OCP\Security\PublicPrivateKeyPairs\Exceptions\KeyPairException; -use OCP\Security\Signature\Exceptions\SignatoryException; use Psr\Log\LoggerInterface; class Capabilities implements ICapability { @@ -42,11 +42,11 @@ public function __construct( * keyId: string, * publicKeyPem: string, * }, - * resourceTypes: array{ + * resourceTypes: list, * protocols: array - * }[], + * }>, * version: string * } * } diff --git a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php index bbd6398e2947f..c7a7479bce707 100644 --- a/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php +++ b/apps/cloud_federation_api/lib/Controller/RequestHandlerController.php @@ -5,6 +5,12 @@ */ namespace OCA\CloudFederationAPI\Controller; +use NCU\Security\Signature\Exceptions\IncomingRequestException; +use NCU\Security\Signature\Exceptions\SignatoryNotFoundException; +use NCU\Security\Signature\Exceptions\SignatureException; +use NCU\Security\Signature\Exceptions\SignatureNotFoundException; +use NCU\Security\Signature\ISignatureManager; +use NCU\Security\Signature\Model\IIncomingSignedRequest; use OC\OCM\OCMSignatoryManager; use OCA\CloudFederationAPI\Config; use OCA\CloudFederationAPI\ResponseDefinitions; @@ -28,12 +34,6 @@ use OCP\IRequest; use OCP\IURLGenerator; use OCP\IUserManager; -use OCP\Security\Signature\Exceptions\IncomingRequestException; -use OCP\Security\Signature\Exceptions\SignatoryNotFoundException; -use OCP\Security\Signature\Exceptions\SignatureException; -use OCP\Security\Signature\Exceptions\SignatureNotFoundException; -use OCP\Security\Signature\ISignatureManager; -use OCP\Security\Signature\Model\IIncomingSignedRequest; use OCP\Share\Exceptions\ShareNotFound; use OCP\Share\IProviderFactory; use OCP\Share\IShare; diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index 9be80750bf4f3..f02cf4fed3dd6 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -7,6 +7,30 @@ return array( 'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairConflictException' => $baseDir . '/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairException' => $baseDir . '/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairNotFoundException' => $baseDir . '/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\IKeyPairManager' => $baseDir . '/lib/unstable/Security/PublicPrivateKeyPairs/IKeyPairManager.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Model\\IKeyPair' => $baseDir . '/lib/unstable/Security/PublicPrivateKeyPairs/Model/IKeyPair.php', + 'NCU\\Security\\Signature\\Exceptions\\IncomingRequestException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/IncomingRequestException.php', + 'NCU\\Security\\Signature\\Exceptions\\IncomingRequestNotFoundException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/IncomingRequestNotFoundException.php', + 'NCU\\Security\\Signature\\Exceptions\\InvalidKeyOriginException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/InvalidKeyOriginException.php', + 'NCU\\Security\\Signature\\Exceptions\\InvalidSignatureException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/InvalidSignatureException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatoryConflictException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/SignatoryConflictException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatoryException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/SignatoryException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatoryNotFoundException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/SignatoryNotFoundException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatureException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/SignatureException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatureIdentityNotFoundException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatureNotFoundException' => $baseDir . '/lib/unstable/Security/Signature/Exceptions/SignatureNotFoundException.php', + 'NCU\\Security\\Signature\\ISignatoryManager' => $baseDir . '/lib/unstable/Security/Signature/ISignatoryManager.php', + 'NCU\\Security\\Signature\\ISignatureManager' => $baseDir . '/lib/unstable/Security/Signature/ISignatureManager.php', + 'NCU\\Security\\Signature\\Model\\IIncomingSignedRequest' => $baseDir . '/lib/unstable/Security/Signature/Model/IIncomingSignedRequest.php', + 'NCU\\Security\\Signature\\Model\\IOutgoingSignedRequest' => $baseDir . '/lib/unstable/Security/Signature/Model/IOutgoingSignedRequest.php', + 'NCU\\Security\\Signature\\Model\\ISignatory' => $baseDir . '/lib/unstable/Security/Signature/Model/ISignatory.php', + 'NCU\\Security\\Signature\\Model\\ISignedRequest' => $baseDir . '/lib/unstable/Security/Signature/Model/ISignedRequest.php', + 'NCU\\Security\\Signature\\Model\\SignatoryStatus' => $baseDir . '/lib/unstable/Security/Signature/Model/SignatoryStatus.php', + 'NCU\\Security\\Signature\\Model\\SignatoryType' => $baseDir . '/lib/unstable/Security/Signature/Model/SignatoryType.php', + 'NCU\\Security\\Signature\\SignatureAlgorithm' => $baseDir . '/lib/unstable/Security/Signature/SignatureAlgorithm.php', 'OCP\\Accounts\\IAccount' => $baseDir . '/lib/public/Accounts/IAccount.php', 'OCP\\Accounts\\IAccountManager' => $baseDir . '/lib/public/Accounts/IAccountManager.php', 'OCP\\Accounts\\IAccountProperty' => $baseDir . '/lib/public/Accounts/IAccountProperty.php', @@ -687,32 +711,8 @@ 'OCP\\Security\\Ip\\IRange' => $baseDir . '/lib/public/Security/Ip/IRange.php', 'OCP\\Security\\Ip\\IRemoteAddress' => $baseDir . '/lib/public/Security/Ip/IRemoteAddress.php', 'OCP\\Security\\PasswordContext' => $baseDir . '/lib/public/Security/PasswordContext.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairConflictException' => $baseDir . '/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairException' => $baseDir . '/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairNotFoundException' => $baseDir . '/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\IKeyPairManager' => $baseDir . '/lib/public/Security/PublicPrivateKeyPairs/IKeyPairManager.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Model\\IKeyPair' => $baseDir . '/lib/public/Security/PublicPrivateKeyPairs/Model/IKeyPair.php', 'OCP\\Security\\RateLimiting\\ILimiter' => $baseDir . '/lib/public/Security/RateLimiting/ILimiter.php', 'OCP\\Security\\RateLimiting\\IRateLimitExceededException' => $baseDir . '/lib/public/Security/RateLimiting/IRateLimitExceededException.php', - 'OCP\\Security\\Signature\\Exceptions\\IncomingRequestException' => $baseDir . '/lib/public/Security/Signature/Exceptions/IncomingRequestException.php', - 'OCP\\Security\\Signature\\Exceptions\\IncomingRequestNotFoundException' => $baseDir . '/lib/public/Security/Signature/Exceptions/IncomingRequestNotFoundException.php', - 'OCP\\Security\\Signature\\Exceptions\\InvalidKeyOriginException' => $baseDir . '/lib/public/Security/Signature/Exceptions/InvalidKeyOriginException.php', - 'OCP\\Security\\Signature\\Exceptions\\InvalidSignatureException' => $baseDir . '/lib/public/Security/Signature/Exceptions/InvalidSignatureException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatoryConflictException' => $baseDir . '/lib/public/Security/Signature/Exceptions/SignatoryConflictException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatoryException' => $baseDir . '/lib/public/Security/Signature/Exceptions/SignatoryException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatoryNotFoundException' => $baseDir . '/lib/public/Security/Signature/Exceptions/SignatoryNotFoundException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatureException' => $baseDir . '/lib/public/Security/Signature/Exceptions/SignatureException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatureIdentityNotFoundException' => $baseDir . '/lib/public/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatureNotFoundException' => $baseDir . '/lib/public/Security/Signature/Exceptions/SignatureNotFoundException.php', - 'OCP\\Security\\Signature\\ISignatoryManager' => $baseDir . '/lib/public/Security/Signature/ISignatoryManager.php', - 'OCP\\Security\\Signature\\ISignatureManager' => $baseDir . '/lib/public/Security/Signature/ISignatureManager.php', - 'OCP\\Security\\Signature\\Model\\IIncomingSignedRequest' => $baseDir . '/lib/public/Security/Signature/Model/IIncomingSignedRequest.php', - 'OCP\\Security\\Signature\\Model\\IOutgoingSignedRequest' => $baseDir . '/lib/public/Security/Signature/Model/IOutgoingSignedRequest.php', - 'OCP\\Security\\Signature\\Model\\ISignatory' => $baseDir . '/lib/public/Security/Signature/Model/ISignatory.php', - 'OCP\\Security\\Signature\\Model\\ISignedRequest' => $baseDir . '/lib/public/Security/Signature/Model/ISignedRequest.php', - 'OCP\\Security\\Signature\\Model\\SignatoryStatus' => $baseDir . '/lib/public/Security/Signature/Model/SignatoryStatus.php', - 'OCP\\Security\\Signature\\Model\\SignatoryType' => $baseDir . '/lib/public/Security/Signature/Model/SignatoryType.php', - 'OCP\\Security\\Signature\\SignatureAlgorithm' => $baseDir . '/lib/public/Security/Signature/SignatureAlgorithm.php', 'OCP\\Security\\VerificationToken\\IVerificationToken' => $baseDir . '/lib/public/Security/VerificationToken/IVerificationToken.php', 'OCP\\Security\\VerificationToken\\InvalidTokenException' => $baseDir . '/lib/public/Security/VerificationToken/InvalidTokenException.php', 'OCP\\Server' => $baseDir . '/lib/public/Server.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index be1382b74a6b7..c5914668036e0 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -48,6 +48,30 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2 public static $classMap = array ( 'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairConflictException' => __DIR__ . '/../../..' . '/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairException' => __DIR__ . '/../../..' . '/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairNotFoundException' => __DIR__ . '/../../..' . '/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\IKeyPairManager' => __DIR__ . '/../../..' . '/lib/unstable/Security/PublicPrivateKeyPairs/IKeyPairManager.php', + 'NCU\\Security\\PublicPrivateKeyPairs\\Model\\IKeyPair' => __DIR__ . '/../../..' . '/lib/unstable/Security/PublicPrivateKeyPairs/Model/IKeyPair.php', + 'NCU\\Security\\Signature\\Exceptions\\IncomingRequestException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/IncomingRequestException.php', + 'NCU\\Security\\Signature\\Exceptions\\IncomingRequestNotFoundException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/IncomingRequestNotFoundException.php', + 'NCU\\Security\\Signature\\Exceptions\\InvalidKeyOriginException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/InvalidKeyOriginException.php', + 'NCU\\Security\\Signature\\Exceptions\\InvalidSignatureException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/InvalidSignatureException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatoryConflictException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/SignatoryConflictException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatoryException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/SignatoryException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatoryNotFoundException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/SignatoryNotFoundException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatureException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/SignatureException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatureIdentityNotFoundException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php', + 'NCU\\Security\\Signature\\Exceptions\\SignatureNotFoundException' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Exceptions/SignatureNotFoundException.php', + 'NCU\\Security\\Signature\\ISignatoryManager' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/ISignatoryManager.php', + 'NCU\\Security\\Signature\\ISignatureManager' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/ISignatureManager.php', + 'NCU\\Security\\Signature\\Model\\IIncomingSignedRequest' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Model/IIncomingSignedRequest.php', + 'NCU\\Security\\Signature\\Model\\IOutgoingSignedRequest' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Model/IOutgoingSignedRequest.php', + 'NCU\\Security\\Signature\\Model\\ISignatory' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Model/ISignatory.php', + 'NCU\\Security\\Signature\\Model\\ISignedRequest' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Model/ISignedRequest.php', + 'NCU\\Security\\Signature\\Model\\SignatoryStatus' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Model/SignatoryStatus.php', + 'NCU\\Security\\Signature\\Model\\SignatoryType' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/Model/SignatoryType.php', + 'NCU\\Security\\Signature\\SignatureAlgorithm' => __DIR__ . '/../../..' . '/lib/unstable/Security/Signature/SignatureAlgorithm.php', 'OCP\\Accounts\\IAccount' => __DIR__ . '/../../..' . '/lib/public/Accounts/IAccount.php', 'OCP\\Accounts\\IAccountManager' => __DIR__ . '/../../..' . '/lib/public/Accounts/IAccountManager.php', 'OCP\\Accounts\\IAccountProperty' => __DIR__ . '/../../..' . '/lib/public/Accounts/IAccountProperty.php', @@ -728,32 +752,8 @@ class ComposerStaticInit749170dad3f5e7f9ca158f5a9f04f6a2 'OCP\\Security\\Ip\\IRange' => __DIR__ . '/../../..' . '/lib/public/Security/Ip/IRange.php', 'OCP\\Security\\Ip\\IRemoteAddress' => __DIR__ . '/../../..' . '/lib/public/Security/Ip/IRemoteAddress.php', 'OCP\\Security\\PasswordContext' => __DIR__ . '/../../..' . '/lib/public/Security/PasswordContext.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairConflictException' => __DIR__ . '/../../..' . '/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairException' => __DIR__ . '/../../..' . '/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Exceptions\\KeyPairNotFoundException' => __DIR__ . '/../../..' . '/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\IKeyPairManager' => __DIR__ . '/../../..' . '/lib/public/Security/PublicPrivateKeyPairs/IKeyPairManager.php', - 'OCP\\Security\\PublicPrivateKeyPairs\\Model\\IKeyPair' => __DIR__ . '/../../..' . '/lib/public/Security/PublicPrivateKeyPairs/Model/IKeyPair.php', 'OCP\\Security\\RateLimiting\\ILimiter' => __DIR__ . '/../../..' . '/lib/public/Security/RateLimiting/ILimiter.php', 'OCP\\Security\\RateLimiting\\IRateLimitExceededException' => __DIR__ . '/../../..' . '/lib/public/Security/RateLimiting/IRateLimitExceededException.php', - 'OCP\\Security\\Signature\\Exceptions\\IncomingRequestException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/IncomingRequestException.php', - 'OCP\\Security\\Signature\\Exceptions\\IncomingRequestNotFoundException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/IncomingRequestNotFoundException.php', - 'OCP\\Security\\Signature\\Exceptions\\InvalidKeyOriginException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/InvalidKeyOriginException.php', - 'OCP\\Security\\Signature\\Exceptions\\InvalidSignatureException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/InvalidSignatureException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatoryConflictException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/SignatoryConflictException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatoryException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/SignatoryException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatoryNotFoundException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/SignatoryNotFoundException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatureException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/SignatureException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatureIdentityNotFoundException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php', - 'OCP\\Security\\Signature\\Exceptions\\SignatureNotFoundException' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Exceptions/SignatureNotFoundException.php', - 'OCP\\Security\\Signature\\ISignatoryManager' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/ISignatoryManager.php', - 'OCP\\Security\\Signature\\ISignatureManager' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/ISignatureManager.php', - 'OCP\\Security\\Signature\\Model\\IIncomingSignedRequest' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Model/IIncomingSignedRequest.php', - 'OCP\\Security\\Signature\\Model\\IOutgoingSignedRequest' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Model/IOutgoingSignedRequest.php', - 'OCP\\Security\\Signature\\Model\\ISignatory' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Model/ISignatory.php', - 'OCP\\Security\\Signature\\Model\\ISignedRequest' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Model/ISignedRequest.php', - 'OCP\\Security\\Signature\\Model\\SignatoryStatus' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Model/SignatoryStatus.php', - 'OCP\\Security\\Signature\\Model\\SignatoryType' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/Model/SignatoryType.php', - 'OCP\\Security\\Signature\\SignatureAlgorithm' => __DIR__ . '/../../..' . '/lib/public/Security/Signature/SignatureAlgorithm.php', 'OCP\\Security\\VerificationToken\\IVerificationToken' => __DIR__ . '/../../..' . '/lib/public/Security/VerificationToken/IVerificationToken.php', 'OCP\\Security\\VerificationToken\\InvalidTokenException' => __DIR__ . '/../../..' . '/lib/public/Security/VerificationToken/InvalidTokenException.php', 'OCP\\Server' => __DIR__ . '/../../..' . '/lib/public/Server.php', diff --git a/lib/private/Federation/CloudFederationProviderManager.php b/lib/private/Federation/CloudFederationProviderManager.php index a02abd9187cd8..e1ab96066f605 100644 --- a/lib/private/Federation/CloudFederationProviderManager.php +++ b/lib/private/Federation/CloudFederationProviderManager.php @@ -8,6 +8,7 @@ */ namespace OC\Federation; +use NCU\Security\Signature\ISignatureManager; use OC\AppFramework\Http; use OC\OCM\OCMSignatoryManager; use OCP\App\IAppManager; @@ -23,7 +24,6 @@ use OCP\IConfig; use OCP\OCM\Exceptions\OCMProviderException; use OCP\OCM\IOCMDiscoveryService; -use OCP\Security\Signature\ISignatureManager; use Psr\Log\LoggerInterface; /** diff --git a/lib/private/OCM/Model/OCMProvider.php b/lib/private/OCM/Model/OCMProvider.php index f1418a03fcad7..cd4e9c49c3b29 100644 --- a/lib/private/OCM/Model/OCMProvider.php +++ b/lib/private/OCM/Model/OCMProvider.php @@ -9,6 +9,7 @@ namespace OC\OCM\Model; +use NCU\Security\Signature\Model\ISignatory; use OC\Security\Signature\Model\Signatory; use OCP\EventDispatcher\IEventDispatcher; use OCP\OCM\Events\ResourceTypeRegisterEvent; @@ -16,7 +17,6 @@ use OCP\OCM\Exceptions\OCMProviderException; use OCP\OCM\IOCMProvider; use OCP\OCM\IOCMResource; -use OCP\Security\Signature\Model\ISignatory; /** * @since 28.0.0 @@ -212,7 +212,7 @@ private function looksValid(): bool { * publicKey: ISignatory|null, * resourceTypes: array{ * name: string, - * shareTypes: string[], + * shareTypes: list, * protocols: array * }[], * version: string diff --git a/lib/private/OCM/OCMSignatoryManager.php b/lib/private/OCM/OCMSignatoryManager.php index f14e2198d542e..82d39d87c4366 100644 --- a/lib/private/OCM/OCMSignatoryManager.php +++ b/lib/private/OCM/OCMSignatoryManager.php @@ -8,18 +8,18 @@ */ namespace OC\OCM; +use NCU\Security\PublicPrivateKeyPairs\Exceptions\KeyPairConflictException; +use NCU\Security\PublicPrivateKeyPairs\Exceptions\KeyPairNotFoundException; +use NCU\Security\PublicPrivateKeyPairs\IKeyPairManager; +use NCU\Security\Signature\Exceptions\SignatureIdentityNotFoundException; +use NCU\Security\Signature\ISignatoryManager; +use NCU\Security\Signature\ISignatureManager; +use NCU\Security\Signature\Model\IIncomingSignedRequest; +use NCU\Security\Signature\Model\ISignatory; +use NCU\Security\Signature\Model\SignatoryType; use OC\Security\Signature\Model\Signatory; use OCP\IURLGenerator; use OCP\OCM\Exceptions\OCMProviderException; -use OCP\Security\PublicPrivateKeyPairs\Exceptions\KeyPairConflictException; -use OCP\Security\PublicPrivateKeyPairs\Exceptions\KeyPairNotFoundException; -use OCP\Security\PublicPrivateKeyPairs\IKeyPairManager; -use OCP\Security\Signature\Exceptions\SignatureIdentityNotFoundException; -use OCP\Security\Signature\ISignatoryManager; -use OCP\Security\Signature\ISignatureManager; -use OCP\Security\Signature\Model\IIncomingSignedRequest; -use OCP\Security\Signature\Model\ISignatory; -use OCP\Security\Signature\Model\SignatoryType; /** * @inheritDoc diff --git a/lib/private/Security/PublicPrivateKeyPairs/KeyPairManager.php b/lib/private/Security/PublicPrivateKeyPairs/KeyPairManager.php index e46096f5be5d3..0af960b3a30a8 100644 --- a/lib/private/Security/PublicPrivateKeyPairs/KeyPairManager.php +++ b/lib/private/Security/PublicPrivateKeyPairs/KeyPairManager.php @@ -8,12 +8,12 @@ */ namespace OC\Security\PublicPrivateKeyPairs; +use NCU\Security\PublicPrivateKeyPairs\Exceptions\KeyPairConflictException; +use NCU\Security\PublicPrivateKeyPairs\Exceptions\KeyPairNotFoundException; +use NCU\Security\PublicPrivateKeyPairs\IKeyPairManager; +use NCU\Security\PublicPrivateKeyPairs\Model\IKeyPair; use OC\Security\PublicPrivateKeyPairs\Model\KeyPair; use OCP\IAppConfig; -use OCP\Security\PublicPrivateKeyPairs\Exceptions\KeyPairConflictException; -use OCP\Security\PublicPrivateKeyPairs\Exceptions\KeyPairNotFoundException; -use OCP\Security\PublicPrivateKeyPairs\IKeyPairManager; -use OCP\Security\PublicPrivateKeyPairs\Model\IKeyPair; /** * @inheritDoc diff --git a/lib/private/Security/PublicPrivateKeyPairs/Model/KeyPair.php b/lib/private/Security/PublicPrivateKeyPairs/Model/KeyPair.php index 6cdd56bcdb576..523f7c1c38083 100644 --- a/lib/private/Security/PublicPrivateKeyPairs/Model/KeyPair.php +++ b/lib/private/Security/PublicPrivateKeyPairs/Model/KeyPair.php @@ -8,7 +8,7 @@ */ namespace OC\Security\PublicPrivateKeyPairs\Model; -use OCP\Security\PublicPrivateKeyPairs\Model\IKeyPair; +use NCU\Security\PublicPrivateKeyPairs\Model\IKeyPair; /** * @inheritDoc diff --git a/lib/private/Security/Signature/Model/IncomingSignedRequest.php b/lib/private/Security/Signature/Model/IncomingSignedRequest.php index 8b15ab6df4076..a11a5142ed346 100644 --- a/lib/private/Security/Signature/Model/IncomingSignedRequest.php +++ b/lib/private/Security/Signature/Model/IncomingSignedRequest.php @@ -9,11 +9,12 @@ namespace OC\Security\Signature\Model; use JsonSerializable; +use NCU\Security\Signature\Exceptions\IncomingRequestNotFoundException; +use NCU\Security\Signature\Exceptions\SignatoryException; +use NCU\Security\Signature\ISignatureManager; +use NCU\Security\Signature\Model\IIncomingSignedRequest; +use NCU\Security\Signature\Model\ISignatory; use OCP\IRequest; -use OCP\Security\Signature\Exceptions\IncomingRequestNotFoundException; -use OCP\Security\Signature\Exceptions\SignatoryException; -use OCP\Security\Signature\Model\IIncomingSignedRequest; -use OCP\Security\Signature\Model\ISignatory; /** * @inheritDoc @@ -39,7 +40,14 @@ class IncomingSignedRequest extends SignedRequest implements * @since 31.0.0 */ public function setSignatory(ISignatory $signatory): self { - if (parse_url($signatory->getKeyId(), PHP_URL_HOST) !== $this->getOrigin()) { + $keyId = $signatory->getKeyId(); + $host = parse_url($keyId, PHP_URL_HOST); + $port = parse_url($keyId, PHP_URL_PORT); + if ($port !== null && $port !== false) { + $host .= ':' . $port; + } + + if ($host !== $this->getOrigin()) { throw new SignatoryException('keyId from provider is different from the one from signed request'); } diff --git a/lib/private/Security/Signature/Model/OutgoingSignedRequest.php b/lib/private/Security/Signature/Model/OutgoingSignedRequest.php index bb6a0436428f7..04efcf8bfe188 100644 --- a/lib/private/Security/Signature/Model/OutgoingSignedRequest.php +++ b/lib/private/Security/Signature/Model/OutgoingSignedRequest.php @@ -9,7 +9,8 @@ namespace OC\Security\Signature\Model; use JsonSerializable; -use OCP\Security\Signature\Model\IOutgoingSignedRequest; +use NCU\Security\Signature\ISignatureManager; +use NCU\Security\Signature\Model\IOutgoingSignedRequest; /** * extends ISignedRequest to add info requested at the generation of the signature diff --git a/lib/private/Security/Signature/Model/Signatory.php b/lib/private/Security/Signature/Model/Signatory.php index 7fbe1da8ff7f1..b28d2c0415f09 100644 --- a/lib/private/Security/Signature/Model/Signatory.php +++ b/lib/private/Security/Signature/Model/Signatory.php @@ -9,9 +9,9 @@ namespace OC\Security\Signature\Model; use JsonSerializable; -use OCP\Security\Signature\Model\ISignatory; -use OCP\Security\Signature\Model\SignatoryStatus; -use OCP\Security\Signature\Model\SignatoryType; +use NCU\Security\Signature\Model\ISignatory; +use NCU\Security\Signature\Model\SignatoryStatus; +use NCU\Security\Signature\Model\SignatoryType; class Signatory implements ISignatory, JsonSerializable { private string $providerId = ''; @@ -130,7 +130,7 @@ public function getLastUpdated(): int { public function importFromDatabase(array $row): self { $this->setProviderId($row['provider_id'] ?? '') ->setAccount($row['account'] ?? '') - ->setMetadata($row['metadata'] ?? []) + ->setMetadata(json_decode($row['metadata'], true) ?? []) ->setType(SignatoryType::from($row['type'] ?? 9)) ->setStatus(SignatoryStatus::from($row['status'] ?? 1)) ->setCreation($row['creation'] ?? 0) diff --git a/lib/private/Security/Signature/Model/SignedRequest.php b/lib/private/Security/Signature/Model/SignedRequest.php index 2d8a7204e3276..1587da9d63149 100644 --- a/lib/private/Security/Signature/Model/SignedRequest.php +++ b/lib/private/Security/Signature/Model/SignedRequest.php @@ -9,9 +9,9 @@ namespace OC\Security\Signature\Model; use JsonSerializable; -use OCP\Security\Signature\Exceptions\SignatoryNotFoundException; -use OCP\Security\Signature\Model\ISignatory; -use OCP\Security\Signature\Model\ISignedRequest; +use NCU\Security\Signature\Exceptions\SignatoryNotFoundException; +use NCU\Security\Signature\Model\ISignatory; +use NCU\Security\Signature\Model\ISignedRequest; /** * @inheritDoc diff --git a/lib/private/Security/Signature/SignatureManager.php b/lib/private/Security/Signature/SignatureManager.php index 22e7b7e7543e9..3d267db1346ff 100644 --- a/lib/private/Security/Signature/SignatureManager.php +++ b/lib/private/Security/Signature/SignatureManager.php @@ -9,6 +9,22 @@ namespace OC\Security\Signature; +use NCU\Security\Signature\Exceptions\IncomingRequestException; +use NCU\Security\Signature\Exceptions\InvalidKeyOriginException; +use NCU\Security\Signature\Exceptions\InvalidSignatureException; +use NCU\Security\Signature\Exceptions\SignatoryConflictException; +use NCU\Security\Signature\Exceptions\SignatoryException; +use NCU\Security\Signature\Exceptions\SignatoryNotFoundException; +use NCU\Security\Signature\Exceptions\SignatureException; +use NCU\Security\Signature\Exceptions\SignatureIdentityNotFoundException; +use NCU\Security\Signature\Exceptions\SignatureNotFoundException; +use NCU\Security\Signature\ISignatoryManager; +use NCU\Security\Signature\ISignatureManager; +use NCU\Security\Signature\Model\IIncomingSignedRequest; +use NCU\Security\Signature\Model\IOutgoingSignedRequest; +use NCU\Security\Signature\Model\ISignatory; +use NCU\Security\Signature\Model\SignatoryType; +use NCU\Security\Signature\SignatureAlgorithm; use OC\Security\Signature\Model\IncomingSignedRequest; use OC\Security\Signature\Model\OutgoingSignedRequest; use OC\Security\Signature\Model\Signatory; @@ -16,22 +32,6 @@ use OCP\IAppConfig; use OCP\IDBConnection; use OCP\IRequest; -use OCP\Security\Signature\Exceptions\IncomingRequestException; -use OCP\Security\Signature\Exceptions\InvalidKeyOriginException; -use OCP\Security\Signature\Exceptions\InvalidSignatureException; -use OCP\Security\Signature\Exceptions\SignatoryConflictException; -use OCP\Security\Signature\Exceptions\SignatoryException; -use OCP\Security\Signature\Exceptions\SignatoryNotFoundException; -use OCP\Security\Signature\Exceptions\SignatureException; -use OCP\Security\Signature\Exceptions\SignatureIdentityNotFoundException; -use OCP\Security\Signature\Exceptions\SignatureNotFoundException; -use OCP\Security\Signature\ISignatoryManager; -use OCP\Security\Signature\ISignatureManager; -use OCP\Security\Signature\Model\IIncomingSignedRequest; -use OCP\Security\Signature\Model\IOutgoingSignedRequest; -use OCP\Security\Signature\Model\ISignatory; -use OCP\Security\Signature\Model\SignatoryType; -use OCP\Security\Signature\SignatureAlgorithm; use Psr\Log\LoggerInterface; /** @@ -148,15 +148,14 @@ public function getOutgoingSignedRequest( $signedRequest = new OutgoingSignedRequest($content); $options = $signatoryManager->getOptions(); - $parsed = parse_url($uri); - $signedRequest->setHost($parsed['host']) + $signedRequest->setHost($this->getHostFromUri($uri)) ->setAlgorithm($options['algorithm'] ?? 'sha256') ->setSignatory($signatoryManager->getLocalSignatory()); $this->setOutgoingSignatureHeader( $signedRequest, strtolower($method), - $parsed['path'] ?? '/', + parse_url($uri, PHP_URL_PATH) ?? '/', $options['dateHeader'] ?? self::DATE_HEADER ); $this->setOutgoingClearSignature($signedRequest); @@ -357,7 +356,12 @@ private function verifyIncomingSignatureHeader(IIncomingSignedRequest $signedReq throw new IncomingRequestException('missing keys in signature headers: ' . json_encode($data)); } - $signedRequest->setOrigin($this->getKeyOrigin($data['keyId'])); + try { + $signedRequest->setOrigin($this->getHostFromUri($data['keyId'])); + } catch (\Exception) { + throw new InvalidKeyOriginException('cannot retrieve origin from ' . $data['keyId']); + } + $signedRequest->setSignedSignature($data['signature']); } @@ -672,7 +676,7 @@ private function insertSignatory(ISignatory $signatory): void { $qb = $this->connection->getQueryBuilder(); $qb->insert(self::TABLE_SIGNATORIES) ->setValue('provider_id', $qb->createNamedParameter($signatory->getProviderId())) - ->setValue('host', $qb->createNamedParameter(parse_url($signatory->getKeyId(), PHP_URL_HOST))) + ->setValue('host', $qb->createNamedParameter($this->getHostFromUri($signatory->getKeyId()))) ->setValue('account', $qb->createNamedParameter($signatory->getAccount())) ->setValue('key_id', $qb->createNamedParameter($signatory->getKeyId())) ->setValue('key_id_sum', $qb->createNamedParameter($this->hashKeyId($signatory->getKeyId()))) @@ -777,14 +781,14 @@ private function deleteSignatory(string $keyId): void { /** - * @param string $keyId + * @param string $uri * * @return string * @throws InvalidKeyOriginException */ - private function getKeyOrigin(string $keyId): string { - $host = parse_url($keyId, PHP_URL_HOST); - $port = parse_url($keyId, PHP_URL_PORT); + private function getHostFromUri(string $uri): string { + $host = parse_url($uri, PHP_URL_HOST); + $port = parse_url($uri, PHP_URL_PORT); if ($port !== null && $port !== false) { $host .= ':' . $port; } @@ -793,7 +797,7 @@ private function getKeyOrigin(string $keyId): string { return $host; } - throw new InvalidKeyOriginException('cannot retrieve origin from ' . $keyId); + throw new \Exception('invalid/empty uri'); } private function hashKeyId(string $keyId): string { diff --git a/lib/private/Server.php b/lib/private/Server.php index cc6e5ab9df761..6f7a56b6344c5 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -7,6 +7,8 @@ namespace OC; use bantu\IniGetWrapper\IniGetWrapper; +use NCU\Security\PublicPrivateKeyPairs\IKeyPairManager; +use NCU\Security\Signature\ISignatureManager; use OC\Accounts\AccountManager; use OC\App\AppManager; use OC\App\AppStore\Bundles\BundleFetcher; @@ -216,9 +218,7 @@ use OCP\Security\Ip\IRemoteAddress; use OCP\Security\ISecureRandom; use OCP\Security\ITrustedDomainHelper; -use OCP\Security\PublicPrivateKeyPairs\IKeyPairManager; use OCP\Security\RateLimiting\ILimiter; -use OCP\Security\Signature\ISignatureManager; use OCP\Security\VerificationToken\IVerificationToken; use OCP\ServerVersion; use OCP\Settings\IDeclarativeManager; diff --git a/lib/public/OCM/IOCMProvider.php b/lib/public/OCM/IOCMProvider.php index afb1b1ff9eb0f..789462efd7828 100644 --- a/lib/public/OCM/IOCMProvider.php +++ b/lib/public/OCM/IOCMProvider.php @@ -10,9 +10,9 @@ namespace OCP\OCM; use JsonSerializable; +use NCU\Security\Signature\Model\ISignatory; use OCP\OCM\Exceptions\OCMArgumentException; use OCP\OCM\Exceptions\OCMProviderException; -use OCP\Security\Signature\Model\ISignatory; /** * Model based on the Open Cloud Mesh Discovery API diff --git a/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php b/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php similarity index 77% rename from lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php rename to lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php index 6f6a8154133ba..be3473cf5fd3d 100644 --- a/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php +++ b/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairConflictException.php @@ -6,12 +6,12 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\PublicPrivateKeyPairs\Exceptions; +namespace NCU\Security\PublicPrivateKeyPairs\Exceptions; /** * conflict between public and private key pair * - * @since 31.0.0 + * @experimental 31.0.0 */ class KeyPairConflictException extends KeyPairException { } diff --git a/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php b/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php similarity index 77% rename from lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php rename to lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php index 6b2c20dda82dc..2e35551e2b8a1 100644 --- a/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php +++ b/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairException.php @@ -6,14 +6,14 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\PublicPrivateKeyPairs\Exceptions; +namespace NCU\Security\PublicPrivateKeyPairs\Exceptions; use Exception; /** * global exception related to key pairs * - * @since 31.0.0 + * @experimental 31.0.0 */ class KeyPairException extends Exception { } diff --git a/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php b/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php similarity index 73% rename from lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php rename to lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php index bc08f03bfe9a4..421620dba52a6 100644 --- a/lib/public/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php +++ b/lib/unstable/Security/PublicPrivateKeyPairs/Exceptions/KeyPairNotFoundException.php @@ -6,10 +6,10 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\PublicPrivateKeyPairs\Exceptions; +namespace NCU\Security\PublicPrivateKeyPairs\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class KeyPairNotFoundException extends KeyPairException { } diff --git a/lib/public/Security/PublicPrivateKeyPairs/IKeyPairManager.php b/lib/unstable/Security/PublicPrivateKeyPairs/IKeyPairManager.php similarity index 81% rename from lib/public/Security/PublicPrivateKeyPairs/IKeyPairManager.php rename to lib/unstable/Security/PublicPrivateKeyPairs/IKeyPairManager.php index 054d615d8373a..4b9791feb438d 100644 --- a/lib/public/Security/PublicPrivateKeyPairs/IKeyPairManager.php +++ b/lib/unstable/Security/PublicPrivateKeyPairs/IKeyPairManager.php @@ -6,16 +6,16 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\PublicPrivateKeyPairs; +namespace NCU\Security\PublicPrivateKeyPairs; -use OCP\Security\PublicPrivateKeyPairs\Exceptions\KeyPairConflictException; -use OCP\Security\PublicPrivateKeyPairs\Exceptions\KeyPairNotFoundException; -use OCP\Security\PublicPrivateKeyPairs\Model\IKeyPair; +use NCU\Security\PublicPrivateKeyPairs\Exceptions\KeyPairConflictException; +use NCU\Security\PublicPrivateKeyPairs\Exceptions\KeyPairNotFoundException; +use NCU\Security\PublicPrivateKeyPairs\Model\IKeyPair; /** * IKeyPairManager contains a group of method to create/manage/store internal public/private key pair. * - * @since 31.0.0 + * @experimental 31.0.0 */ interface IKeyPairManager { @@ -29,7 +29,7 @@ interface IKeyPairManager { * * @return IKeyPair * @throws KeyPairConflictException if a key already exist - * @since 31.0.0 + * @experimental 31.0.0 */ public function generateKeyPair(string $app, string $name, array $options = []): IKeyPair; @@ -40,7 +40,7 @@ public function generateKeyPair(string $app, string $name, array $options = []): * @param string $name key name * * @return bool TRUE if key pair exists in database - * @since 31.0.0 + * @experimental 31.0.0 */ public function hasKeyPair(string $app, string $name): bool; @@ -53,7 +53,7 @@ public function hasKeyPair(string $app, string $name): bool; * * @return IKeyPair * @throws KeyPairNotFoundException if key pair is not known - * @since 31.0.0 + * @experimental 31.0.0 */ public function getKeyPair(string $app, string $name): IKeyPair; @@ -63,7 +63,7 @@ public function getKeyPair(string $app, string $name): IKeyPair; * @param string $app appid * @param string $name key name * - * @since 31.0.0 + * @experimental 31.0.0 */ public function deleteKeyPair(string $app, string $name): void; @@ -73,7 +73,7 @@ public function deleteKeyPair(string $app, string $name): void; * @param IKeyPair $keyPair keypair to test * * @return bool - * @since 31.0.0 + * @experimental 31.0.0 */ public function testKeyPair(IKeyPair $keyPair): bool; } diff --git a/lib/public/Security/PublicPrivateKeyPairs/Model/IKeyPair.php b/lib/unstable/Security/PublicPrivateKeyPairs/Model/IKeyPair.php similarity index 81% rename from lib/public/Security/PublicPrivateKeyPairs/Model/IKeyPair.php rename to lib/unstable/Security/PublicPrivateKeyPairs/Model/IKeyPair.php index 041fb3f44a74b..8a0b77f00c5d3 100644 --- a/lib/public/Security/PublicPrivateKeyPairs/Model/IKeyPair.php +++ b/lib/unstable/Security/PublicPrivateKeyPairs/Model/IKeyPair.php @@ -6,20 +6,20 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\PublicPrivateKeyPairs\Model; +namespace NCU\Security\PublicPrivateKeyPairs\Model; /** * simple model that store key pair, its name, its origin (app) * and the options used during its creation * - * @since 31.0.0 + * @experimental 31.0.0 */ interface IKeyPair { /** * returns id of the app owning the key pair * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getApp(): string; @@ -27,7 +27,7 @@ public function getApp(): string; * returns name of the key pair * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getName(): string; @@ -36,7 +36,7 @@ public function getName(): string; * * @param string $publicKey * @return IKeyPair - * @since 31.0.0 + * @experimental 31.0.0 */ public function setPublicKey(string $publicKey): IKeyPair; @@ -44,7 +44,7 @@ public function setPublicKey(string $publicKey): IKeyPair; * returns public key * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getPublicKey(): string; @@ -53,7 +53,7 @@ public function getPublicKey(): string; * * @param string $privateKey * @return IKeyPair - * @since 31.0.0 + * @experimental 31.0.0 */ public function setPrivateKey(string $privateKey): IKeyPair; @@ -61,7 +61,7 @@ public function setPrivateKey(string $privateKey): IKeyPair; * returns private key * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getPrivateKey(): string; @@ -70,7 +70,7 @@ public function getPrivateKey(): string; * * @param array $options * @return IKeyPair - * @since 31.0.0 + * @experimental 31.0.0 */ public function setOptions(array $options): IKeyPair; @@ -78,7 +78,7 @@ public function setOptions(array $options): IKeyPair; * returns options * * @return array - * @since 31.0.0 + * @experimental 31.0.0 */ public function getOptions(): array; } diff --git a/lib/public/Security/Signature/Exceptions/IncomingRequestException.php b/lib/unstable/Security/Signature/Exceptions/IncomingRequestException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/IncomingRequestException.php rename to lib/unstable/Security/Signature/Exceptions/IncomingRequestException.php index cef1b8ec42283..c334090fdc340 100644 --- a/lib/public/Security/Signature/Exceptions/IncomingRequestException.php +++ b/lib/unstable/Security/Signature/Exceptions/IncomingRequestException.php @@ -6,10 +6,10 @@ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class IncomingRequestException extends SignatureException { } diff --git a/lib/public/Security/Signature/Exceptions/IncomingRequestNotFoundException.php b/lib/unstable/Security/Signature/Exceptions/IncomingRequestNotFoundException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/IncomingRequestNotFoundException.php rename to lib/unstable/Security/Signature/Exceptions/IncomingRequestNotFoundException.php index c13852e8b7582..51ebcf16a16e3 100644 --- a/lib/public/Security/Signature/Exceptions/IncomingRequestNotFoundException.php +++ b/lib/unstable/Security/Signature/Exceptions/IncomingRequestNotFoundException.php @@ -6,10 +6,10 @@ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class IncomingRequestNotFoundException extends SignatureException { } diff --git a/lib/public/Security/Signature/Exceptions/InvalidKeyOriginException.php b/lib/unstable/Security/Signature/Exceptions/InvalidKeyOriginException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/InvalidKeyOriginException.php rename to lib/unstable/Security/Signature/Exceptions/InvalidKeyOriginException.php index c8d7778427fac..3d8fa78077f8d 100644 --- a/lib/public/Security/Signature/Exceptions/InvalidKeyOriginException.php +++ b/lib/unstable/Security/Signature/Exceptions/InvalidKeyOriginException.php @@ -6,10 +6,10 @@ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class InvalidKeyOriginException extends SignatureException { } diff --git a/lib/public/Security/Signature/Exceptions/InvalidSignatureException.php b/lib/unstable/Security/Signature/Exceptions/InvalidSignatureException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/InvalidSignatureException.php rename to lib/unstable/Security/Signature/Exceptions/InvalidSignatureException.php index 5b5525dfad6a2..351637ef201b9 100644 --- a/lib/public/Security/Signature/Exceptions/InvalidSignatureException.php +++ b/lib/unstable/Security/Signature/Exceptions/InvalidSignatureException.php @@ -6,10 +6,10 @@ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class InvalidSignatureException extends SignatureException { } diff --git a/lib/public/Security/Signature/Exceptions/SignatoryConflictException.php b/lib/unstable/Security/Signature/Exceptions/SignatoryConflictException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/SignatoryConflictException.php rename to lib/unstable/Security/Signature/Exceptions/SignatoryConflictException.php index 13f81c2946b09..e078071e970a1 100644 --- a/lib/public/Security/Signature/Exceptions/SignatoryConflictException.php +++ b/lib/unstable/Security/Signature/Exceptions/SignatoryConflictException.php @@ -6,10 +6,10 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class SignatoryConflictException extends SignatoryException { } diff --git a/lib/public/Security/Signature/Exceptions/SignatoryException.php b/lib/unstable/Security/Signature/Exceptions/SignatoryException.php similarity index 76% rename from lib/public/Security/Signature/Exceptions/SignatoryException.php rename to lib/unstable/Security/Signature/Exceptions/SignatoryException.php index 9bea4fe141235..92409ab3d988b 100644 --- a/lib/public/Security/Signature/Exceptions/SignatoryException.php +++ b/lib/unstable/Security/Signature/Exceptions/SignatoryException.php @@ -6,10 +6,10 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class SignatoryException extends SignatureException { } diff --git a/lib/public/Security/Signature/Exceptions/SignatoryNotFoundException.php b/lib/unstable/Security/Signature/Exceptions/SignatoryNotFoundException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/SignatoryNotFoundException.php rename to lib/unstable/Security/Signature/Exceptions/SignatoryNotFoundException.php index ba55c7c26f05d..0234b3e7d5c8a 100644 --- a/lib/public/Security/Signature/Exceptions/SignatoryNotFoundException.php +++ b/lib/unstable/Security/Signature/Exceptions/SignatoryNotFoundException.php @@ -6,10 +6,10 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class SignatoryNotFoundException extends SignatoryException { } diff --git a/lib/public/Security/Signature/Exceptions/SignatureException.php b/lib/unstable/Security/Signature/Exceptions/SignatureException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/SignatureException.php rename to lib/unstable/Security/Signature/Exceptions/SignatureException.php index bb391df016743..12353a8e61b51 100644 --- a/lib/public/Security/Signature/Exceptions/SignatureException.php +++ b/lib/unstable/Security/Signature/Exceptions/SignatureException.php @@ -6,12 +6,12 @@ * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; use Exception; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class SignatureException extends Exception { } diff --git a/lib/public/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php b/lib/unstable/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php rename to lib/unstable/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php index f83ff6e371ea9..abc86c3b44673 100644 --- a/lib/public/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php +++ b/lib/unstable/Security/Signature/Exceptions/SignatureIdentityNotFoundException.php @@ -6,10 +6,10 @@ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class SignatureIdentityNotFoundException extends SignatureException { } diff --git a/lib/public/Security/Signature/Exceptions/SignatureNotFoundException.php b/lib/unstable/Security/Signature/Exceptions/SignatureNotFoundException.php similarity index 77% rename from lib/public/Security/Signature/Exceptions/SignatureNotFoundException.php rename to lib/unstable/Security/Signature/Exceptions/SignatureNotFoundException.php index 9d86fa41d5232..f015b07673b1f 100644 --- a/lib/public/Security/Signature/Exceptions/SignatureNotFoundException.php +++ b/lib/unstable/Security/Signature/Exceptions/SignatureNotFoundException.php @@ -6,10 +6,10 @@ * SPDX-FileCopyrightText: 2023 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Exceptions; +namespace NCU\Security\Signature\Exceptions; /** - * @since 31.0.0 + * @experimental 31.0.0 */ class SignatureNotFoundException extends SignatureException { } diff --git a/lib/public/Security/Signature/ISignatoryManager.php b/lib/unstable/Security/Signature/ISignatoryManager.php similarity index 85% rename from lib/public/Security/Signature/ISignatoryManager.php rename to lib/unstable/Security/Signature/ISignatoryManager.php index 2ce2aae5c0d3f..8db23bfbde30e 100644 --- a/lib/public/Security/Signature/ISignatoryManager.php +++ b/lib/unstable/Security/Signature/ISignatoryManager.php @@ -6,17 +6,17 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature; +namespace NCU\Security\Signature; -use OCP\Security\Signature\Model\IIncomingSignedRequest; -use OCP\Security\Signature\Model\ISignatory; +use NCU\Security\Signature\Model\IIncomingSignedRequest; +use NCU\Security\Signature\Model\ISignatory; /** * ISignatoryManager contains a group of method that will help * - signing outgoing request * - confirm the authenticity of incoming signed request. * - * @since 31.0.0 + * @experimental 31.0.0 */ interface ISignatoryManager { /** @@ -26,7 +26,7 @@ interface ISignatoryManager { * Must be unique. * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getProviderId(): string; @@ -41,7 +41,7 @@ public function getProviderId(): string; * ] * * @return array - * @since 31.0.0 + * @experimental 31.0.0 */ public function getOptions(): array; @@ -51,7 +51,7 @@ public function getOptions(): array; * Used to sign outgoing request * * @return ISignatory - * @since 31.0.0 + * @experimental 31.0.0 */ public function getLocalSignatory(): ISignatory; @@ -64,7 +64,7 @@ public function getLocalSignatory(): ISignatory; * @param IIncomingSignedRequest $signedRequest * * @return ISignatory|null must be NULL if no signatory is found - * @since 31.0.0 + * @experimental 31.0.0 */ public function getRemoteSignatory(IIncomingSignedRequest $signedRequest): ?ISignatory; } diff --git a/lib/public/Security/Signature/ISignatureManager.php b/lib/unstable/Security/Signature/ISignatureManager.php similarity index 87% rename from lib/public/Security/Signature/ISignatureManager.php rename to lib/unstable/Security/Signature/ISignatureManager.php index 2be48d0cae2dd..1c187fbb24f1e 100644 --- a/lib/public/Security/Signature/ISignatureManager.php +++ b/lib/unstable/Security/Signature/ISignatureManager.php @@ -6,16 +6,16 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature; +namespace NCU\Security\Signature; -use OCP\Security\Signature\Exceptions\IncomingRequestException; -use OCP\Security\Signature\Exceptions\SignatoryNotFoundException; -use OCP\Security\Signature\Exceptions\SignatureException; -use OCP\Security\Signature\Exceptions\SignatureIdentityNotFoundException; -use OCP\Security\Signature\Exceptions\SignatureNotFoundException; -use OCP\Security\Signature\Model\IIncomingSignedRequest; -use OCP\Security\Signature\Model\IOutgoingSignedRequest; -use OCP\Security\Signature\Model\ISignatory; +use NCU\Security\Signature\Exceptions\IncomingRequestException; +use NCU\Security\Signature\Exceptions\SignatoryNotFoundException; +use NCU\Security\Signature\Exceptions\SignatureException; +use NCU\Security\Signature\Exceptions\SignatureIdentityNotFoundException; +use NCU\Security\Signature\Exceptions\SignatureNotFoundException; +use NCU\Security\Signature\Model\IIncomingSignedRequest; +use NCU\Security\Signature\Model\IOutgoingSignedRequest; +use NCU\Security\Signature\Model\ISignatory; /** * ISignatureManager is a service integrated to core that provide tools @@ -43,7 +43,7 @@ * listed in 'headers' and their value. Some elements (content-length date digest host) are mandatory * to ensure authenticity override protection. * - * @since 31.0.0 + * @experimental 31.0.0 */ interface ISignatureManager { /** @@ -60,7 +60,7 @@ interface ISignatureManager { * @throws IncomingRequestException if anything looks wrong with the incoming request * @throws SignatureNotFoundException if incoming request is not signed * @throws SignatureException if signature could not be confirmed - * @since 31.0.0 + * @experimental 31.0.0 */ public function getIncomingSignedRequest(ISignatoryManager $signatoryManager, ?string $body = null): IIncomingSignedRequest; @@ -74,7 +74,7 @@ public function getIncomingSignedRequest(ISignatoryManager $signatoryManager, ?s * @param string $uri needed in the signature * * @return IOutgoingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function getOutgoingSignedRequest(ISignatoryManager $signatoryManager, string $content, string $method, string $uri): IOutgoingSignedRequest; @@ -88,7 +88,7 @@ public function getOutgoingSignedRequest(ISignatoryManager $signatoryManager, st * @param string $uri needed in the signature * * @return array new payload to be sent, including original payload and signature elements in headers - * @since 31.0.0 + * @experimental 31.0.0 */ public function signOutgoingRequestIClientPayload(ISignatoryManager $signatoryManager, array $payload, string $method, string $uri): array; @@ -100,7 +100,7 @@ public function signOutgoingRequestIClientPayload(ISignatoryManager $signatoryMa * * @return ISignatory * @throws SignatoryNotFoundException if entry does not exist in local database - * @since 31.0.0 + * @experimental 31.0.0 */ public function searchSignatory(string $host, string $account = ''): ISignatory; @@ -111,7 +111,7 @@ public function searchSignatory(string $host, string $account = ''): ISignatory; * * @return string * @throws SignatureIdentityNotFoundException if hostname is not set - * @since 31.0.0 + * @experimental 31.0.0 */ public function generateKeyId(string $path): string; } diff --git a/lib/public/Security/Signature/Model/IIncomingSignedRequest.php b/lib/unstable/Security/Signature/Model/IIncomingSignedRequest.php similarity index 87% rename from lib/public/Security/Signature/Model/IIncomingSignedRequest.php rename to lib/unstable/Security/Signature/Model/IIncomingSignedRequest.php index 5dfd7334c370f..65a472d885a79 100644 --- a/lib/public/Security/Signature/Model/IIncomingSignedRequest.php +++ b/lib/unstable/Security/Signature/Model/IIncomingSignedRequest.php @@ -6,17 +6,17 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Model; +namespace NCU\Security\Signature\Model; +use NCU\Security\Signature\ISignatureManager; use OCP\IRequest; -use OCP\Security\Signature\ISignatureManager; /** * model wrapping an actual incoming request, adding details about the signature and the * authenticity of the origin of the request. * * @see ISignatureManager for details on signature - * @since 31.0.0 + * @experimental 31.0.0 */ interface IIncomingSignedRequest extends ISignedRequest { /** @@ -24,7 +24,7 @@ interface IIncomingSignedRequest extends ISignedRequest { * * @param IRequest $request * @return IIncomingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setRequest(IRequest $request): IIncomingSignedRequest; @@ -32,7 +32,7 @@ public function setRequest(IRequest $request): IIncomingSignedRequest; * returns the base IRequest * * @return IRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function getRequest(): IRequest; @@ -41,7 +41,7 @@ public function getRequest(): IRequest; * * @param int $time * @return IIncomingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setTime(int $time): IIncomingSignedRequest; @@ -49,7 +49,7 @@ public function setTime(int $time): IIncomingSignedRequest; * get the time, extracted from the base request headers * * @return int - * @since 31.0.0 + * @experimental 31.0.0 */ public function getTime(): int; @@ -59,7 +59,7 @@ public function getTime(): int; * * @param string $origin * @return IIncomingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setOrigin(string $origin): IIncomingSignedRequest; @@ -68,7 +68,7 @@ public function setOrigin(string $origin): IIncomingSignedRequest; * based on the keyId defined in the signature header. * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getOrigin(): string; @@ -77,7 +77,7 @@ public function getOrigin(): string; * keyId is a mandatory entry in the headers of a signed request. * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getKeyId(): string; @@ -88,7 +88,7 @@ public function getKeyId(): string; * * @param string $signature * @return IIncomingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setEstimatedSignature(string $signature): IIncomingSignedRequest; @@ -98,7 +98,7 @@ public function setEstimatedSignature(string $signature): IIncomingSignedRequest * the public key of remote instance at the origin of the request. * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getEstimatedSignature(): string; } diff --git a/lib/public/Security/Signature/Model/IOutgoingSignedRequest.php b/lib/unstable/Security/Signature/Model/IOutgoingSignedRequest.php similarity index 85% rename from lib/public/Security/Signature/Model/IOutgoingSignedRequest.php rename to lib/unstable/Security/Signature/Model/IOutgoingSignedRequest.php index 1e3270c569f41..9c863b96fa801 100644 --- a/lib/public/Security/Signature/Model/IOutgoingSignedRequest.php +++ b/lib/unstable/Security/Signature/Model/IOutgoingSignedRequest.php @@ -6,13 +6,15 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Model; +namespace NCU\Security\Signature\Model; + +use NCU\Security\Signature\ISignatureManager; /** * extends ISignedRequest to add info requested at the generation of the signature * * @see ISignatureManager for details on signature - * @since 31.0.0 + * @experimental 31.0.0 */ interface IOutgoingSignedRequest extends ISignedRequest { /** @@ -20,7 +22,7 @@ interface IOutgoingSignedRequest extends ISignedRequest { * * @param string $host * @return IOutgoingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setHost(string $host): IOutgoingSignedRequest; @@ -30,7 +32,7 @@ public function setHost(string $host): IOutgoingSignedRequest; * - on outgoing request, this is the remote instance. * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getHost(): string; @@ -41,7 +43,7 @@ public function getHost(): string; * @param string|int|float|bool|array $value * * @return IOutgoingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function addHeader(string $key, string|int|float|bool|array $value): IOutgoingSignedRequest; @@ -49,7 +51,7 @@ public function addHeader(string $key, string|int|float|bool|array $value): IOut * returns list of headers value that will be added to the base request * * @return array - * @since 31.0.0 + * @experimental 31.0.0 */ public function getHeaders(): array; @@ -59,7 +61,7 @@ public function getHeaders(): array; * @param string $estimated * * @return IOutgoingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setClearSignature(string $estimated): IOutgoingSignedRequest; @@ -67,7 +69,7 @@ public function setClearSignature(string $estimated): IOutgoingSignedRequest; * returns the clear version of the signature * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getClearSignature(): string; @@ -77,7 +79,7 @@ public function getClearSignature(): string; * @param string $algorithm * * @return IOutgoingSignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setAlgorithm(string $algorithm): IOutgoingSignedRequest; @@ -85,7 +87,7 @@ public function setAlgorithm(string $algorithm): IOutgoingSignedRequest; * returns the algorithm set to sign the signature * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getAlgorithm(): string; } diff --git a/lib/public/Security/Signature/Model/ISignatory.php b/lib/unstable/Security/Signature/Model/ISignatory.php similarity index 84% rename from lib/public/Security/Signature/Model/ISignatory.php rename to lib/unstable/Security/Signature/Model/ISignatory.php index 83c14a8074010..98583436b3cdf 100644 --- a/lib/public/Security/Signature/Model/ISignatory.php +++ b/lib/unstable/Security/Signature/Model/ISignatory.php @@ -6,7 +6,9 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Model; +namespace NCU\Security\Signature\Model; + +use NCU\Security\Signature\ISignatoryManager; /** * model that store keys and details related to host and in use protocol @@ -15,7 +17,8 @@ * * the pair providerId+host is unique, meaning only one signatory can exist for each host * and protocol - * @since 31.0.0 + * + * @experimental 31.0.0 */ interface ISignatory { /** @@ -25,7 +28,7 @@ interface ISignatory { * @param string $providerId * * @return ISignatory - * @since 31.0.0 + * @experimental 31.0.0 */ public function setProviderId(string $providerId): ISignatory; @@ -33,7 +36,7 @@ public function setProviderId(string $providerId): ISignatory; * returns the provider id, unique string related to the ISignatoryManager * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getProviderId(): string; @@ -43,7 +46,7 @@ public function getProviderId(): string; * @param string $account * * @return ISignatory - * @since 31.0.0 + * @experimental 31.0.0 */ public function setAccount(string $account): ISignatory; @@ -51,7 +54,7 @@ public function setAccount(string $account): ISignatory; * return account name, empty string if not set * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getAccount(): string; @@ -59,7 +62,7 @@ public function getAccount(): string; * returns key id * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getKeyId(): string; @@ -67,7 +70,7 @@ public function getKeyId(): string; * returns public key * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getPublicKey(): string; @@ -75,7 +78,7 @@ public function getPublicKey(): string; * returns private key, if available * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getPrivateKey(): string; @@ -85,7 +88,7 @@ public function getPrivateKey(): string; * @param array $metadata * * @return ISignatory - * @since 31.0.0 + * @experimental 31.0.0 */ public function setMetadata(array $metadata): ISignatory; @@ -93,7 +96,7 @@ public function setMetadata(array $metadata): ISignatory; * returns metadata * * @return array - * @since 31.0.0 + * @experimental 31.0.0 */ public function getMetadata(): array; @@ -104,7 +107,7 @@ public function getMetadata(): array; * @param string|int $value * * @return ISignatory - * @since 31.0.0 + * @experimental 31.0.0 */ public function setMetaValue(string $key, string|int $value): ISignatory; @@ -114,7 +117,7 @@ public function setMetaValue(string $key, string|int $value): ISignatory; * @param SignatoryType $type * * @return ISignatory - * @since 31.0.0 + * @experimental 31.0.0 */ public function setType(SignatoryType $type): ISignatory; @@ -122,7 +125,7 @@ public function setType(SignatoryType $type): ISignatory; * returns SignatoryType * * @return SignatoryType - * @since 31.0.0 + * @experimental 31.0.0 */ public function getType(): SignatoryType; @@ -133,7 +136,7 @@ public function getType(): SignatoryType; * * @see SignatoryStatus * @return ISignatory - * @since 31.0.0 + * @experimental 31.0.0 */ public function setStatus(SignatoryStatus $status): ISignatory; @@ -142,7 +145,7 @@ public function setStatus(SignatoryStatus $status): ISignatory; * * @see SignatoryStatus * @return SignatoryStatus - * @since 31.0.0 + * @experimental 31.0.0 */ public function getStatus(): SignatoryStatus; @@ -150,7 +153,7 @@ public function getStatus(): SignatoryStatus; * get last timestamp this entry has been updated * * @return int - * @since 31.0.0 + * @experimental 31.0.0 */ public function getLastUpdated(): int; } diff --git a/lib/public/Security/Signature/Model/ISignedRequest.php b/lib/unstable/Security/Signature/Model/ISignedRequest.php similarity index 84% rename from lib/public/Security/Signature/Model/ISignedRequest.php rename to lib/unstable/Security/Signature/Model/ISignedRequest.php index a7a295a242021..b7589c9f41a26 100644 --- a/lib/public/Security/Signature/Model/ISignedRequest.php +++ b/lib/unstable/Security/Signature/Model/ISignedRequest.php @@ -6,9 +6,9 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Model; +namespace NCU\Security\Signature\Model; -use OCP\Security\Signature\Exceptions\SignatoryNotFoundException; +use NCU\Security\Signature\Exceptions\SignatoryNotFoundException; /** * model that store data related to a possible signature. @@ -16,14 +16,14 @@ * - to confirm authenticity of a signed incoming request * - to sign an outgoing request * - * @since 31.0.0 + * @experimental 31.0.0 */ interface ISignedRequest { /** * payload of the request * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getBody(): string; @@ -31,7 +31,7 @@ public function getBody(): string; * checksum of the payload of the request * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getDigest(): string; @@ -40,7 +40,7 @@ public function getDigest(): string; * * @param array $signatureHeader * @return ISignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setSignatureHeader(array $signatureHeader): ISignedRequest; @@ -48,7 +48,7 @@ public function setSignatureHeader(array $signatureHeader): ISignedRequest; * get the list of headers related to the signature of the request * * @return array - * @since 31.0.0 + * @experimental 31.0.0 */ public function getSignatureHeader(): array; @@ -57,7 +57,7 @@ public function getSignatureHeader(): array; * * @param string $signedSignature * @return ISignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setSignedSignature(string $signedSignature): ISignedRequest; @@ -65,7 +65,7 @@ public function setSignedSignature(string $signedSignature): ISignedRequest; * get the signed version of the signature * * @return string - * @since 31.0.0 + * @experimental 31.0.0 */ public function getSignedSignature(): string; @@ -74,7 +74,7 @@ public function getSignedSignature(): string; * * @param ISignatory $signatory * @return ISignedRequest - * @since 31.0.0 + * @experimental 31.0.0 */ public function setSignatory(ISignatory $signatory): ISignedRequest; @@ -83,7 +83,7 @@ public function setSignatory(ISignatory $signatory): ISignedRequest; * * @return ISignatory * @throws SignatoryNotFoundException - * @since 31.0.0 + * @experimental 31.0.0 */ public function getSignatory(): ISignatory; @@ -91,7 +91,7 @@ public function getSignatory(): ISignatory; * returns if a signatory related to this request have been found and defined * * @return bool - * @since 31.0.0 + * @experimental 31.0.0 */ public function hasSignatory(): bool; } diff --git a/lib/public/Security/Signature/Model/SignatoryStatus.php b/lib/unstable/Security/Signature/Model/SignatoryStatus.php similarity index 77% rename from lib/public/Security/Signature/Model/SignatoryStatus.php rename to lib/unstable/Security/Signature/Model/SignatoryStatus.php index 93e3151751b89..c620800a5d283 100644 --- a/lib/public/Security/Signature/Model/SignatoryStatus.php +++ b/lib/unstable/Security/Signature/Model/SignatoryStatus.php @@ -6,7 +6,7 @@ * SPDX-FileCopyrightText: 2024 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Model; +namespace NCU\Security\Signature\Model; /** * current status of signatory. is it trustable or not ? @@ -14,11 +14,11 @@ * - SYNCED = the remote instance is trustable. * - BROKEN = the remote instance does not use the same key pairs * - * @since 31.0.0 + * @experimental 31.0.0 */ enum SignatoryStatus: int { - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case SYNCED = 1; - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case BROKEN = 9; } diff --git a/lib/public/Security/Signature/Model/SignatoryType.php b/lib/unstable/Security/Signature/Model/SignatoryType.php similarity index 80% rename from lib/public/Security/Signature/Model/SignatoryType.php rename to lib/unstable/Security/Signature/Model/SignatoryType.php index e3956950afc51..2693805bbd3a7 100644 --- a/lib/public/Security/Signature/Model/SignatoryType.php +++ b/lib/unstable/Security/Signature/Model/SignatoryType.php @@ -6,7 +6,7 @@ * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature\Model; +namespace NCU\Security\Signature\Model; /** * type of link between local and remote instance @@ -16,15 +16,15 @@ * - TRUSTED = any changes of keypair will require human interaction, warning will be issued * - STATIC = error will be issued on conflict, assume keypair cannot be reset. * - * @since 31.0.0 + * @experimental 31.0.0 */ enum SignatoryType: int { - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case FORGIVABLE = 1; // no notice on refresh - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case REFRESHABLE = 4; // notice on refresh - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case TRUSTED = 8; // warning on refresh - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case STATIC = 9; // error on refresh } diff --git a/lib/public/Security/Signature/SignatureAlgorithm.php b/lib/unstable/Security/Signature/SignatureAlgorithm.php similarity index 72% rename from lib/public/Security/Signature/SignatureAlgorithm.php rename to lib/unstable/Security/Signature/SignatureAlgorithm.php index 1136aacc4ec52..83338321d2715 100644 --- a/lib/public/Security/Signature/SignatureAlgorithm.php +++ b/lib/unstable/Security/Signature/SignatureAlgorithm.php @@ -6,16 +6,16 @@ * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors * SPDX-License-Identifier: AGPL-3.0-or-later */ -namespace OCP\Security\Signature; +namespace NCU\Security\Signature; /** * list of available algorithm when signing payload * - * @since 31.0.0 + * @experimental 31.0.0 */ enum SignatureAlgorithm: string { - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case SHA256 = 'sha256'; - /** @since 31.0.0 */ + /** @experimental 31.0.0 */ case SHA512 = 'sha512'; }