feat: error handling

Signed-off-by: Jana Peper <[email protected]>

Author: janepie

apps/webhook_listeners/lib/BackgroundJobs/WebhookCall.php

@@ -46,7 +46,7 @@ protected function run($argument): void {
 		$client = $this->clientService->newClient();
 
 		// adding Ephemeral auth tokens to the call
-		$data['tokens'] = $this->tokenService->getTokens($webhookListener, $data['user']['uid']);
+		$data['tokens'] = $this->tokenService->getTokens($webhookListener, $data['user']['uid'] ?? null);
 		$options = [
 			'verify' => $this->certificateManager->getAbsoluteBundlePath(),
 			'headers' => $webhookListener->getHeaders() ?? [],

apps/webhook_listeners/lib/Db/EphemeralTokenMapper.php

@@ -52,7 +52,7 @@ public function getById(int $id): EphemeralToken {
 	}
 
 	/**
-	 * @throws \Exception
+	 * @throws Exception
 	 * @return EphemeralToken[]
 	 */
 	public function getAll(): array {
@@ -64,6 +64,12 @@ public function getAll(): array {
 		return $this->findEntities($qb);
 	}
 
+
+	/**
+	 * @param int $olderThan
+	 * @return EphemeralToken[]
+	 * @throws Exception
+	 */
 	public function getOlderThan($olderThan): array {
 		$qb = $this->db->getQueryBuilder();
 
@@ -106,12 +112,23 @@ public function deleteByTokenId(int $tokenId): bool {
 
 	public function invalidateOldTokens(int $token_lifetime = self::TOKEN_LIFETIME) {
 		$olderThan = $this->time->getTime() - $token_lifetime;
-		$tokensToDelete = $this->getOlderThan($olderThan);
+		try {
+			$tokensToDelete = $this->getOlderThan($olderThan);
+		} catch (Exception $e) {
+			$this->logger->error('Webhook token deletion failed: ' . $e->getMessage(), ['exception' => $e]);
+			return;
+		}
+
 
 		$this->logger->debug('Invalidating ephemeral webhook tokens older than ' . date('c', $olderThan), ['app' => 'webhook_listeners']);
 		foreach ($tokensToDelete as $token) {
-			$this->tokenMapper->invalidate($this->tokenMapper->getTokenById($token->getTokenId())->getToken()); // delete token itself
-			$this->deleteByTokenId($token->getTokenId()); // delete db row in webhook_tokens
+			try {
+				$this->tokenMapper->delete($this->tokenMapper->getTokenById($token->getTokenId())); // delete token itself
+				$this->deleteByTokenId($token->getTokenId()); // delete db row in webhook_tokens
+			} catch (Exception $e) {
+				$this->logger->error('Webhook token deletion failed: ' . $e->getMessage(), ['exception' => $e]);
+			}
+
 		}
 	}
 }

apps/webhook_listeners/lib/Service/TokenService.php

@@ -10,20 +10,21 @@
 namespace OCA\WebhookListeners\Service;
 
 use OC\Authentication\Token\IProvider;
-use OC\Authentication\Token\PublicKeyToken;
 use OCA\WebhookListeners\Db\EphemeralTokenMapper;
 use OCA\WebhookListeners\Db\WebhookListener;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Authentication\Token\IToken;
 use OCP\IUserManager;
 use OCP\L10N\IFactory;
 use OCP\Security\ISecureRandom;
+use Psr\Log\LoggerInterface;
 
 class TokenService {
 	public function __construct(
 		private IProvider $tokenProvider,
 		private ISecureRandom $random,
 		private EphemeralTokenMapper $tokenMapper,
+		private LoggerInterface $logger,
 		private ITimeFactory $time,
 		private IFactory $l10nFactory,
 		private IUserManager $userManager,
@@ -49,20 +50,25 @@ public function getTokens(WebhookListener $webhookListener, ?string $triggerUser
 		$tokenNeeded = $webhookListener->getTokenNeeded();
 		if (isset($tokenNeeded['user_ids'])) {
 			foreach ($tokenNeeded['user_ids'] as $userId) {
-				$tokens['user_ids'][$userId] = $this->createEphemeralToken($userId);
+				try {
+					$tokens['user_ids'][$userId] = $this->createEphemeralToken($userId);
+				} catch (\Exception $e) {
+					$this->logger->error('Webhook token creation for user ' . $userId . ' failed: ' . $e->getMessage(), ['exception' => $e]);
+				}
+
 			}
 		}
 		if (isset($tokenNeeded['user_roles'])) {
-			foreach ($tokenNeeded['user_roles'] as $function) {
-				switch ($function) {
+			foreach ($tokenNeeded['user_roles'] as $user_role) {
+				switch ($user_role) {
 					case 'owner':
 						// token for the person who created the flow
-						$functionId = $webhookListener->getUserId();
-						if (is_null($functionId)) { // no owner uid available
+						$ownerId = $webhookListener->getUserId();
+						if (is_null($ownerId)) { // no owner uid available
 							break;
 						}
 						$tokens['user_roles']['owner'] = [
-							$functionId => $this->createEphemeralToken($functionId)
+							$ownerId => $this->createEphemeralToken($ownerId)
 						];
 						break;
 					case 'trigger':
@@ -74,6 +80,9 @@ public function getTokens(WebhookListener $webhookListener, ?string $triggerUser
 							$triggerUserId => $this->createEphemeralToken($triggerUserId)
 						];
 						break;
+					default:
+						$this->logger->error('Webhook token creation for user role ' . $user_role . ' not defined. ', ['Not defined' => $user_role]);
+
 				}
 			}
 		}
@@ -96,12 +105,6 @@ private function createEphemeralToken(string $userId): string {
 			$name,
 			IToken::PERMANENT_TOKEN);
 
-		// We need the getToken() method to be able to send the token out.
-		// That method is only available in PublicKeyToken which is returned by generateToken
-		// but not declared as such, so we have to check the type here
-		if (!($deviceToken instanceof PublicKeyToken)) { // type needed for the getToken() function
-			throw new \Exception('Unexpected token type');
-		}
 		$this->tokenMapper->addEphemeralToken(
 			$deviceToken->getId(),
 			$userId,