mirror of
https://github.com/nextcloud/server.git
synced 2026-02-19 02:38:40 -05:00
fix(federation): Allow cloud federation providers to handle unsuccessful return codes
Otherwise they are put to retry and will immediately trigger bruteforce protection infinitely Signed-off-by: Joas Schilling <coding@schilljs.com>
This commit is contained in:
Joas Schilling
parent
6f95febe17
commit
ecb111cec7
4 changed files with 109 additions and 0 deletions
|
|
@ -36,6 +36,7 @@ use OCP\Federation\ICloudFederationProviderManager;
|
|||
use OCP\Federation\ICloudFederationShare;
|
||||
use OCP\Federation\ICloudIdManager;
|
||||
use OCP\Http\Client\IClientService;
|
||||
use OCP\Http\Client\IResponse;
|
||||
use OCP\IConfig;
|
||||
use OCP\OCM\Exceptions\OCMProviderException;
|
||||
use OCP\OCM\IOCMDiscoveryService;
|
||||
|
|
@ -111,6 +112,9 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
|
|||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated 29.0.0 - Use {@see sendCloudShare()} instead and handle errors manually
|
||||
*/
|
||||
public function sendShare(ICloudFederationShare $share) {
|
||||
$cloudID = $this->cloudIdManager->resolveCloudId($share->getShareWith());
|
||||
try {
|
||||
|
|
@ -147,10 +151,39 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
|
|||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param ICloudFederationShare $share
|
||||
* @return IResponse
|
||||
* @throws OCMProviderException
|
||||
*/
|
||||
public function sendCloudShare(ICloudFederationShare $share): IResponse {
|
||||
$cloudID = $this->cloudIdManager->resolveCloudId($share->getShareWith());
|
||||
$ocmProvider = $this->discoveryService->discover($cloudID->getRemote());
|
||||
|
||||
$client = $this->httpClientService->newClient();
|
||||
try {
|
||||
return $client->post($ocmProvider->getEndPoint() . '/shares', [
|
||||
'body' => json_encode($share->getShare()),
|
||||
'headers' => ['content-type' => 'application/json'],
|
||||
'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates', false),
|
||||
'timeout' => 10,
|
||||
'connect_timeout' => 10,
|
||||
]);
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Error while sending share to federation server: ' . $e->getMessage(), ['exception' => $e]);
|
||||
try {
|
||||
return $client->getResponseFromThrowable($e);
|
||||
} catch (\Throwable $e) {
|
||||
throw new OCMProviderException($e->getMessage(), $e->getCode(), $e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $url
|
||||
* @param ICloudFederationNotification $notification
|
||||
* @return array|false
|
||||
* @deprecated 29.0.0 - Use {@see sendCloudNotification()} instead and handle errors manually
|
||||
*/
|
||||
public function sendNotification($url, ICloudFederationNotification $notification) {
|
||||
try {
|
||||
|
|
@ -180,6 +213,34 @@ class CloudFederationProviderManager implements ICloudFederationProviderManager
|
|||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param string $url
|
||||
* @param ICloudFederationNotification $notification
|
||||
* @return IResponse
|
||||
* @throws OCMProviderException
|
||||
*/
|
||||
public function sendCloudNotification(string $url, ICloudFederationNotification $notification): IResponse {
|
||||
$ocmProvider = $this->discoveryService->discover($url);
|
||||
|
||||
$client = $this->httpClientService->newClient();
|
||||
try {
|
||||
return $client->post($ocmProvider->getEndPoint() . '/notifications', [
|
||||
'body' => json_encode($notification->getMessage()),
|
||||
'headers' => ['content-type' => 'application/json'],
|
||||
'verify' => !$this->config->getSystemValueBool('sharing.federation.allowSelfSignedCertificates', false),
|
||||
'timeout' => 10,
|
||||
'connect_timeout' => 10,
|
||||
]);
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Error while sending notification to federation server: ' . $e->getMessage(), ['exception' => $e]);
|
||||
try {
|
||||
return $client->getResponseFromThrowable($e);
|
||||
} catch (\Throwable $e) {
|
||||
throw new OCMProviderException($e->getMessage(), $e->getCode(), $e);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* check if the new cloud federation API is ready to be used
|
||||
*
|
||||
|
|
|
|||
|
|
@ -408,6 +408,22 @@ class Client implements IClient {
|
|||
return new Response($response);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the response of a Throwable thrown by the request methods when possible
|
||||
*
|
||||
* @param \Throwable $e
|
||||
* @return IResponse
|
||||
* @throws \Throwable When $e did not have a response
|
||||
* @since 29.0.0
|
||||
*/
|
||||
public function getResponseFromThrowable(\Throwable $e): IResponse {
|
||||
if (method_exists($e, 'hasResponse') && method_exists($e, 'getResponse') && $e->hasResponse()) {
|
||||
return new Response($e->getResponse());
|
||||
}
|
||||
|
||||
throw $e;
|
||||
}
|
||||
|
||||
protected function wrapGuzzlePromise(PromiseInterface $promise): IPromise {
|
||||
return new GuzzlePromiseAdapter(
|
||||
$promise,
|
||||
|
|
|
|||
|
|
@ -23,6 +23,9 @@
|
|||
*/
|
||||
namespace OCP\Federation;
|
||||
|
||||
use OCP\Http\Client\IResponse;
|
||||
use OCP\OCM\Exceptions\OCMProviderException;
|
||||
|
||||
/**
|
||||
* Class ICloudFederationProviderManager
|
||||
*
|
||||
|
|
@ -80,9 +83,18 @@ interface ICloudFederationProviderManager {
|
|||
* @return mixed
|
||||
*
|
||||
* @since 14.0.0
|
||||
* @deprecated 29.0.0 - Use {@see sendCloudShare()} instead and handle errors manually
|
||||
*/
|
||||
public function sendShare(ICloudFederationShare $share);
|
||||
|
||||
/**
|
||||
* @param ICloudFederationShare $share
|
||||
* @return IResponse
|
||||
* @throws OCMProviderException
|
||||
* @since 29.0.0
|
||||
*/
|
||||
public function sendCloudShare(ICloudFederationShare $share): IResponse;
|
||||
|
||||
/**
|
||||
* send notification about existing share
|
||||
*
|
||||
|
|
@ -91,9 +103,19 @@ interface ICloudFederationProviderManager {
|
|||
* @return array|false
|
||||
*
|
||||
* @since 14.0.0
|
||||
* @deprecated 29.0.0 - Use {@see sendCloudNotification()} instead and handle errors manually
|
||||
*/
|
||||
public function sendNotification($url, ICloudFederationNotification $notification);
|
||||
|
||||
/**
|
||||
* @param string $url
|
||||
* @param ICloudFederationNotification $notification
|
||||
* @return IResponse
|
||||
* @throws OCMProviderException
|
||||
* @since 29.0.0
|
||||
*/
|
||||
public function sendCloudNotification(string $url, ICloudFederationNotification $notification): IResponse;
|
||||
|
||||
/**
|
||||
* check if the new cloud federation API is ready to be used
|
||||
*
|
||||
|
|
|
|||
|
|
@ -207,6 +207,16 @@ interface IClient {
|
|||
*/
|
||||
public function options(string $uri, array $options = []): IResponse;
|
||||
|
||||
/**
|
||||
* Get the response of a Throwable thrown by the request methods when possible
|
||||
*
|
||||
* @param \Throwable $e
|
||||
* @return IResponse
|
||||
* @throws \Throwable When $e did not have a response
|
||||
* @since 29.0.0
|
||||
*/
|
||||
public function getResponseFromThrowable(\Throwable $e): IResponse;
|
||||
|
||||
/**
|
||||
* Sends an asynchronous GET request
|
||||
* @param string $uri
|
||||
|
|
|
|||
Loading…
Reference in a new issue