1414use OCA \WebhookListeners \Db \WebhookListener ;
1515use OCP \AppFramework \Utility \ITimeFactory ;
1616use OCP \Authentication \Token \IToken ;
17+ use OCP \IURLGenerator ;
1718use OCP \IUserManager ;
1819use OCP \L10N \IFactory ;
1920use OCP \Security \ISecureRandom ;
2223class TokenService {
2324 public function __construct (
2425 private IProvider $ tokenProvider
26+ private IURLGenerator $ urlGenerator
2527 private ISecureRandom $ random
2628 private EphemeralTokenMapper $ tokenMapper
2729 private LoggerInterface $ logger
@@ -35,23 +37,51 @@ public function __construct(
3537 * creates an array which includes two arrays of tokens: 'user_ids' and 'user_roles'
3638 * The array ['user_ids' => ['jane', 'bob'], 'user_roles' => ['owner', 'trigger']]
3739 * as requested tokens in the registered webhook produces a result like
38- * ['user_ids' => [['jane' => 'abcdtokenabcd1'], ['bob','=> 'abcdtokenabcd2']], 'user_roles' => ['owner' => ['admin' => 'abcdtokenabcd3'], 'trigger' => ['user1' => 'abcdtokenabcd4']]]
40+ * [
41+ * ['user_ids' => [
42+ * ['jane' => [
43+ * 'userId' => 'jane',
44+ * 'token' => 'abcdtokenabcd1'
45+ * 'baseUrl' => 'https://nextcloud.example'
46+ * ],
47+ * ['bob'=> [
48+ * 'userId' => 'bob',
49+ * 'token' => 'abcdtokenabcd2'
50+ * 'baseUrl' => 'https://nextcloud.example'
51+ * ],
52+ * ],
53+ * 'owner' => [
54+ * 'userId' => 'admin',
55+ * 'token' => 'abcdtokenabcd3'
56+ * 'baseUrl' => 'https://nextcloud.example'
57+ * ],
58+ * 'trigger' => [
59+ * 'userId' => 'user1',
60+ * 'token' => 'abcdtokenabcd4'
61+ * 'baseUrl' => 'https://nextcloud.example'
62+ * ],
63+ * ]
3964 * Created auth tokens are valid for 1 hour.
4065 *
4166 * @param WebhookListener $webhookListener
4267 * @param ?string $triggerUserId the user that triggered the webhook call
4368 * @return array{user_ids?:array<string,string>,user_roles?:array{owner?:array<string,string>,trigger?:array<string,string>}}
4469 */
4570 public function getTokens (WebhookListener $ webhookListenerstring $ triggerUserIdarray {
46- $ tokens
47- 'user_ids ' => [],
48- 'user_roles ' => [],
49- ];
71+ $ tokens
72+
5073 $ tokenNeeded$ webhookListenergetTokenNeeded ();
5174 if (isset ($ tokenNeeded'user_ids ' ])) {
75+ $ tokens
76+ 'user_ids ' => [],
77+ ];
5278 foreach ($ tokenNeeded'user_ids ' ] as $ userId
5379 try {
54- $ tokens'user_ids ' ][$ userId$ this createEphemeralToken ($ userId
80+ $ tokens'user_ids ' ][$ userId
81+ 'userId ' => $ userId
82+ 'token ' => $ this createEphemeralToken ($ userId
83+ 'baseUrl ' => $ this urlGenerator ->getBaseUrl ()
84+ ];
5585 } catch (\Exception $ e
5686 $ this logger ->error ('Webhook token creation for user ' . $ userId' failed: ' . $ egetMessage (), ['exception ' => $ e
5787 }
@@ -67,17 +97,21 @@ public function getTokens(WebhookListener $webhookListener, ?string $triggerUser
6797 if (is_null ($ ownerId// no owner uid available
6898 break ;
6999 }
70- $ tokens'user_roles ' ]['owner ' ] = [
71- $ ownerId$ this createEphemeralToken ($ ownerId
100+ $ tokens'owner ' ] = [
101+ 'userId ' => $ ownerId
102+ 'token ' => $ this createEphemeralToken ($ ownerId
103+ 'baseUrl ' => $ this urlGenerator ->getBaseUrl ()
72104 ];
73105 break ;
74106 case 'trigger ' :
75107 // token for the person who triggered the webhook
76108 if (is_null ($ triggerUserId// no trigger uid available
77109 break ;
78110 }
79- $ tokens'user_roles ' ]['trigger ' ] = [
80- $ triggerUserId$ this createEphemeralToken ($ triggerUserId
111+ $ tokens'trigger ' ] = [
112+ 'userId ' => $ triggerUserId
113+ 'token ' => $ this createEphemeralToken ($ triggerUserId
114+ 'baseUrl ' => $ this urlGenerator ->getBaseUrl ()
81115 ];
82116 break ;
83117 default :
0 commit comments