Merge branch 'feature/issue#46' into develop

mlojewski-me · mlojewski-me · commit 5caa1641db9d · 2018-12-30T20:34:56.000+01:00
diff --git a/appinfo/routes.php b/appinfo/routes.php
@@ -61,6 +61,11 @@
                 "url" => "/settings/autocomplete/table/group",
                 "verb" => "POST"
             ],
+            [
+                "name" => "settings#cryptoParams",
+                "url" => "/settings/crypto/params",
+                "verb" => "GET"
+            ],
         ]
     ]
 );
diff --git a/css/settings.css b/css/settings.css
@@ -33,6 +33,13 @@
     float: right;
 }
 
+#user_sql .main .inner-fieldset {
+    border-bottom: 1px solid var(--color-border);
+    border-top: 1px solid var(--color-border);
+    margin: 8px 0;
+    padding: 8px 0 8px 16px;
+}
+
 #user_sql .msg {
     left: 0;
     padding: 3px;
@@ -43,16 +50,23 @@
 }
 
 #user_sql .msg.error {
-    background-color: #d2322d;
-    color: #fff;
+    background-color: var(--color-error);
+    color: var(--color-primary-text);
 }
 
 #user_sql .msg.success {
-    background-color: #47a447;
-    color: #fff;
+    background-color: var(--color-success);
+    color: var(--color-primary-text);
 }
 
 #user_sql .msg.waiting {
-    background-color: #ff8f00;
-    color: #fff;
-}
+    background-color: var(--color-warning);
+    color: var(--color-primary-text);
+}
+
+#user_sql .loading {
+    display: inline-block;
+    height: 32px;
+    margin: 5px 0;
+    width: 32px;
+}
diff --git a/js/settings.js b/js/settings.js
@@ -58,6 +58,49 @@ user_sql.adminSettingsUI = function () {
             });
         };
 
+        var cryptoParams = function () {
+            var cryptoChanged = function () {
+                var content = $("#opt-crypto_params_content");
+                var loading = $("#opt-crypto_params_loading");
+
+                content.hide();
+                loading.show();
+
+                $.get(OC.generateUrl("/apps/user_sql/settings/crypto/params"), {cryptoClass: $("#opt-crypto_class").val()},
+                    function (data) {
+                        content.empty();
+                        loading.hide();
+
+                        if (data.status === "success") {
+                            for (var index = 0, length = data.data.length; index < length; ++index) {
+                                var param = $("<div></div>");
+                                var label = $("<label></label>").attr({for: "opt-crypto_param_" + index});
+                                var title = $("<span></span>").text(data.data[index]["name"]);
+                                var input = $("<input/>").attr({
+                                    type: "number",
+                                    id: "opt-crypto_param_" + index,
+                                    name: "opt-crypto_param_" + index,
+                                    step: 1,
+                                    min: data.data[index]["min"],
+                                    max: data.data[index]["max"],
+                                    value: data.data[index]["value"]
+                                });
+
+                                label.append(title);
+                                param.append(label);
+                                param.append(input);
+                                content.append(param);
+                                content.show();
+                            }
+                        }
+                    }, "json");
+            };
+            $("#opt-crypto_class").change(function () {
+                cryptoChanged();
+            });
+            cryptoChanged();
+        };
+
         $("#user_sql-db_connection_verify").click(function (event) {
             return click(event, "/apps/user_sql/settings/db/verify");
         });
@@ -89,11 +132,13 @@ user_sql.adminSettingsUI = function () {
             "#db-table-group-column-admin, #db-table-group-column-name, #db-table-group-column-gid",
             "/apps/user_sql/settings/autocomplete/table/group"
         );
+
+        cryptoParams();
     }
 };
 
 $(document).ready(function () {
     if ($(form_id)) {
         user_sql.adminSettingsUI();
     }
-});
+});
diff --git a/lib/Backend/UserBackend.php b/lib/Backend/UserBackend.php
@@ -343,7 +343,12 @@ public function checkPassword(string $uid, string $password)
     private function getPasswordAlgorithm()
     {
         $cryptoType = $this->properties[Opt::CRYPTO_CLASS];
-        $passwordAlgorithm = new $cryptoType($this->localization);
+        $cryptoParam0 = $this->properties[Opt::CRYPTO_PARAM_0];
+        $cryptoParam1 = $this->properties[Opt::CRYPTO_PARAM_1];
+        $cryptoParam2 = $this->properties[Opt::CRYPTO_PARAM_2];
+        $passwordAlgorithm = new $cryptoType(
+            $this->localization, $cryptoParam0, $cryptoParam1, $cryptoParam2
+        );
 
         if ($passwordAlgorithm === null) {
             $this->logger->error(
diff --git a/lib/Constant/Opt.php b/lib/Constant/Opt.php
@@ -31,6 +31,9 @@ final class Opt
     const APPEND_SALT = "opt.append_salt";
     const CASE_INSENSITIVE_USERNAME = "opt.case_insensitive_username";
     const CRYPTO_CLASS = "opt.crypto_class";
+    const CRYPTO_PARAM_0 = "opt.crypto_param_0";
+    const CRYPTO_PARAM_1 = "opt.crypto_param_1";
+    const CRYPTO_PARAM_2 = "opt.crypto_param_2";
     const EMAIL_SYNC = "opt.email_sync";
     const HOME_LOCATION = "opt.home_location";
     const HOME_MODE = "opt.home_mode";
diff --git a/lib/Controller/SettingsController.php b/lib/Controller/SettingsController.php
@@ -28,12 +28,16 @@
 use OC\DB\ConnectionFactory;
 use OCA\UserSQL\Cache;
 use OCA\UserSQL\Constant\App;
+use OCA\UserSQL\Constant\Opt;
+use OCA\UserSQL\Crypto\IPasswordAlgorithm;
 use OCA\UserSQL\Platform\PlatformFactory;
 use OCA\UserSQL\Properties;
 use OCP\AppFramework\Controller;
 use OCP\IL10N;
 use OCP\ILogger;
 use OCP\IRequest;
+use ReflectionClass;
+use ReflectionException;
 
 /**
  * The settings controller.
@@ -72,7 +76,8 @@ class SettingsController extends Controller
     public function __construct(
         $appName, IRequest $request, ILogger $logger, IL10N $localization,
         Properties $properties, Cache $cache
-    ) {
+    )
+    {
         parent::__construct($appName, $request);
         $this->appName = $appName;
         $this->logger = $logger;
@@ -193,6 +198,16 @@ public function saveProperties()
             ];
         }
 
+        if (!$this->validateCryptoParams()) {
+            return [
+                "status" => "error", "data" => [
+                    "message" => $this->localization->t(
+                        "Hash algorithm parameter is out of range."
+                    )
+                ]
+            ];
+        }
+
         foreach ($properties as $key => $value) {
             $reqValue = $this->request->getParam(str_replace(".", "-", $key));
             $appValue = $this->properties[$key];
@@ -208,6 +223,9 @@ public function saveProperties()
                     "Property '$key' has been set to: " . $value,
                     ["app" => $this->appName]
                 );
+            } elseif (!is_bool($appValue) && !isset($reqValue)) {
+                unset($this->properties[$key]);
+
             }
         }
 
@@ -225,6 +243,48 @@ public function saveProperties()
         ];
     }
 
+    /**
+     * Validate request crypto params.
+     *
+     * @return bool TRUE if crypto params are correct FALSE otherwise.
+     */
+    private function validateCryptoParams()
+    {
+        $cryptoClass = $this->request->getParam("opt-crypto_class");
+        $configuration = $this->cryptoClassConfiguration($cryptoClass);
+
+        for ($i = 0; $i < count($configuration); ++$i) {
+            $reqParam = $this->request->getParam(
+                "opt-crypto_param_" . $i, null
+            );
+            $cryptoParam = $configuration[$i];
+
+            if (is_null($reqParam) || $reqParam < $cryptoParam->min
+                || $reqParam > $cryptoParam->max
+            ) {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * Get a crypto class configuration from request.
+     *
+     * @param $cryptoClass string Crypto class name.
+     *
+     * @return array A crypto class configuration.
+     */
+    private function cryptoClassConfiguration($cryptoClass)
+    {
+        /**
+         * @var $passwordAlgorithm IPasswordAlgorithm
+         */
+        $passwordAlgorithm = new $cryptoClass($this->localization);
+        return $passwordAlgorithm->configuration();
+    }
+
     /**
      * Clear the application cache memory.
      *
@@ -367,4 +427,40 @@ public function groupTableAutocomplete()
 
         return $columns;
     }
+
+    /**
+     * Get parameters for a password algorithm.
+     *
+     * @return array Password algorithm parameters.
+     * @throws ReflectionException Whenever Opt class cannot be initiated.
+     */
+    public function cryptoParams()
+    {
+        $this->logger->debug(
+            "Entering cryptoParams()", ["app" => $this->appName]
+        );
+
+        $cryptoClass = $this->request->getParam("cryptoClass");
+        $configuration = $this->cryptoClassConfiguration($cryptoClass);
+
+        if ($cryptoClass === $this->properties[Opt::CRYPTO_CLASS]) {
+            foreach ($configuration as $key => $value) {
+                $opt = new ReflectionClass("OCA\UserSQL\Constant\Opt");
+                $param = $this->properties[$opt->getConstant(
+                    "CRYPTO_PARAM_" . $key
+                )];
+
+                if (!is_null($param)) {
+                    $value->value = $param;
+                }
+            }
+        }
+
+        $this->logger->debug(
+            "Returning cryptoParams(): count(" . count($configuration) . ")",
+            ["app" => $this->appName]
+        );
+
+        return ["status" => "success", "data" => (array)$configuration];
+    }
 }
diff --git a/lib/Crypto/AbstractAlgorithm.php b/lib/Crypto/AbstractAlgorithm.php
@@ -74,4 +74,12 @@ public function checkPassword($password, $dbHash, $salt = null)
      * @inheritdoc
      */
     public abstract function getPasswordHash($password, $salt = null);
+
+    /**
+     * @inheritdoc
+     */
+    public function configuration()
+    {
+        return [];
+    }
 }
diff --git a/lib/Crypto/CryptArgon2.php b/lib/Crypto/CryptArgon2.php
@@ -100,6 +100,23 @@ public function getPasswordHash($password, $salt = null)
         );
     }
 
+    /**
+     * @inheritdoc
+     */
+    public function configuration()
+    {
+        return [
+            new CryptoParam(
+                "Memory cost (KiB)", PASSWORD_ARGON2_DEFAULT_MEMORY_COST, 1,
+                1048576
+            ),
+            new CryptoParam(
+                "Time cost", PASSWORD_ARGON2_DEFAULT_TIME_COST, 1, 1024
+            ),
+            new CryptoParam("Threads", PASSWORD_ARGON2_DEFAULT_THREADS, 1, 1024)
+        ];
+    }
+
     /**
      * @inheritdoc
      */
diff --git a/lib/Crypto/CryptBlowfish.php b/lib/Crypto/CryptBlowfish.php
@@ -67,6 +67,14 @@ public function getPasswordHash($password, $salt = null)
         );
     }
 
+    /**
+     * @inheritdoc
+     */
+    public function configuration()
+    {
+        return [new CryptoParam("Cost", 10, 4, 31)];
+    }
+
     /**
      * Get the algorithm name.
      *
diff --git a/lib/Crypto/CryptExtendedDES.php b/lib/Crypto/CryptExtendedDES.php
@@ -48,6 +48,14 @@ public function __construct(IL10N $localization, $iterationCount = 1000)
         $this->iterationCount = $iterationCount;
     }
 
+    /**
+     * @inheritdoc
+     */
+    public function configuration()
+    {
+        return [new CryptoParam("Iterations", 1000, 0, 16777215)];
+    }
+
     /**
      * @inheritdoc
      */
diff --git a/lib/Crypto/CryptSHA256.php b/lib/Crypto/CryptSHA256.php
@@ -49,6 +49,14 @@ public function __construct(IL10N $localization, $rounds = 5000)
         $this->rounds = $rounds;
     }
 
+    /**
+     * @inheritdoc
+     */
+    public function configuration()
+    {
+        return [new CryptoParam("Rounds", 5000, 1000, 999999999)];
+    }
+
     /**
      * @inheritdoc
      */
diff --git a/lib/Crypto/CryptSHA512.php b/lib/Crypto/CryptSHA512.php
@@ -49,6 +49,14 @@ public function __construct(IL10N $localization, $rounds = 5000)
         $this->rounds = $rounds;
     }
 
+    /**
+     * @inheritdoc
+     */
+    public function configuration()
+    {
+        return [new CryptoParam("Rounds", 5000, 1000, 999999999)];
+    }
+
     /**
      * @inheritdoc
      */
diff --git a/lib/Crypto/CryptoParam.php b/lib/Crypto/CryptoParam.php
diff --git a/lib/Crypto/Drupal7.php b/lib/Crypto/Drupal7.php
diff --git a/lib/Crypto/IPasswordAlgorithm.php b/lib/Crypto/IPasswordAlgorithm.php
diff --git a/lib/Crypto/Phpass.php b/lib/Crypto/Phpass.php
diff --git a/lib/Properties.php b/lib/Properties.php
diff --git a/templates/admin.php b/templates/admin.php

Original file line number	Diff line number	Diff line change
`@@ -61,6 +61,11 @@`
`61`	`61`	`"url" => "/settings/autocomplete/table/group",`
`62`	`62`	`"verb" => "POST"`
`63`	`63`	`],`
	`64`	`+ [`
	`65`	`+ "name" => "settings#cryptoParams",`
	`66`	`+ "url" => "/settings/crypto/params",`
	`67`	`+ "verb" => "GET"`
	`68`	`+ ],`
`64`	`69`	`]`
`65`	`70`	`]`
`66`	`71`	`);`
Original file line number	Diff line number	Diff line change
`@@ -67,6 +67,14 @@ public function getPasswordHash($password, $salt = null)`
`67`	`67`	`);`
`68`	`68`	`}`
`69`	`69`
	`70`	`+ /**`
	`71`	`+ * @inheritdoc`
	`72`	`+ */`
	`73`	`+ public function configuration()`
	`74`	`+ {`
	`75`	`+ return [new CryptoParam("Cost", 10, 4, 31)];`
	`76`	`+ }`
	`77`	`+`
`70`	`78`	`/**`
`71`	`79`	`* Get the algorithm name.`
`72`	`80`	`*`