<?php
/**
 * @author Robin Appelman <icewind@owncloud.com>
 * @author Robin McCorkell <robin@mccorkell.me.uk>
 * @author Vincent Petry <pvince81@owncloud.com>
 *
 * @copyright Copyright (c) 2018, ownCloud GmbH
 * @license AGPL-3.0
 *
 * This code is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License, version 3,
 * as published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License, version 3,
 * along with this program.  If not, see <http://www.gnu.org/licenses/>
 *
 */

namespace OCP\Files\External\Auth;

use OC\Files\External\VisibilityTrait;
use OC\Files\External\IdentifierTrait;
use OC\Files\External\FrontendDefinitionTrait;
use OC\Files\External\StorageModifierTrait;
use OCP\Files\External\IStorageConfig;

/**
 * Authentication mechanism
 *
 * An authentication mechanism can have services injected during construction,
 * such as \OCP\IDB for database operations. This allows an authentication
 * mechanism to perform advanced operations based on provided information.
 *
 * An authentication scheme defines the parameter interface, common to the
 * storage implementation, the backend and the authentication mechanism.
 * A storage implementation expects parameters according to the authentication
 * scheme, which are provided from the authentication mechanism.
 *
 * This class uses the following traits:
 *  - VisibilityTrait
 *      Restrict usage to admin-only/none
 *  - FrontendDefinitionTrait
 *      Specify configuration parameters and other definitions
 *  - StorageModifierTrait
 *      Object can affect storage mounting
 *  - IdentifierTrait
 *      Presumably supplies getIdentifier() and jsonSerializeIdentifier(),
 *      which this class calls - confirm against the trait
 *
 * @since 10.0
 */
abstract class AuthMechanism implements \JsonSerializable {
    use VisibilityTrait;
    use FrontendDefinitionTrait;
    use StorageModifierTrait;
    use IdentifierTrait;

    /** Standard authentication schemes */
    public const SCHEME_NULL = 'null';
    public const SCHEME_BUILTIN = 'builtin';
    public const SCHEME_PASSWORD = 'password';
    public const SCHEME_OAUTH1 = 'oauth1';
    public const SCHEME_OAUTH2 = 'oauth2';
    public const SCHEME_PUBLICKEY = 'publickey';
    public const SCHEME_OPENSTACK = 'openstack';

    /**
     * Scheme name this mechanism implements; used as a lookup key in
     * validateStorage(). Nothing in this class assigns a default.
     *
     * @var string
     */
    protected $scheme;

    /**
     * Return the authentication scheme this mechanism implements.
     * See the self::SCHEME_* constants for the standard values.
     *
     * @return string
     * @since 10.0
     */
    public function getScheme() {
        return $this->scheme;
    }

    /**
     * Set the authentication scheme and return the mechanism for chaining.
     *
     * The value is stored as given: it is not checked against the
     * self::SCHEME_* constants, so a misspelled scheme is only caught later,
     * when validateStorage() finds no matching backend entry.
     *
     * @param string $scheme
     * @return self
     * @since 10.0
     */
    public function setScheme($scheme) {
        $this->scheme = $scheme;

        return $this;
    }

    /**
     * Serialize into JSON for client-side JS
     *
     * The result is the definition data merged with the identifier data
     * (definition keys win on collision), then 'scheme' and 'visibility'
     * are set, overwriting any same-named key from either serializer.
     *
     * NOTE(review): everything returned here is meant for the browser. The
     * trait serializers are not visible in this file - confirm they emit
     * parameter definitions only and never stored credential values.
     * NOTE(review): on PHP >= 8.1 an untyped jsonSerialize() raises a
     * deprecation notice unless #[\ReturnTypeWillChange] is present -
     * confirm the supported PHP range.
     *
     * @return array
     * @since 10.0
     */
    public function jsonSerialize() {
        $payload = $this->jsonSerializeDefinition() + $this->jsonSerializeIdentifier();

        $payload['scheme'] = $this->getScheme();
        $payload['visibility'] = $this->getVisibility();

        return $payload;
    }

    /**
     * Check if parameters are satisfied in a IStorageConfig
     *
     * Two gates are applied in order: the storage's backend must list this
     * mechanism, keyed either by its scheme or by its identifier, and only
     * then is the storage passed to validateStorageDefinition(). A mechanism
     * the backend does not list is rejected before any parameter is looked at.
     *
     * @param IStorageConfig $storage
     * @return bool false when the backend does not list this mechanism,
     *              otherwise the result of validateStorageDefinition()
     * @since 10.0
     */
    public function validateStorage(IStorageConfig $storage) {
        $backendSchemes = $storage->getBackend()->getAuthSchemes();

        // isset() looks at keys only and treats a null value as absent, so a
        // scheme mapped to null by the backend counts as unsupported.
        $backendAccepts = isset($backendSchemes[$this->getScheme()])
            || isset($backendSchemes[$this->getIdentifier()]);
        if (!$backendAccepts) {
            return false;
        }

        // Parameter-level checks live in the trait; presumably they compare the
        // storage's options with this mechanism's definition - verify there.
        return $this->validateStorageDefinition($storage);
    }
}