alpcentaur
/
sncf-docker-compose
mirror of https://git.42l.fr/alpcentaur/sncf-docker-compose.git
1
0
Fork 0
Code Issues 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
1 Commit
1 Branch
20 MiB
Tree: 70323168b1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '70323168b1'
${ noResults }
sncf-docker-compose/docker/overlays/nextcloud/html/lib/private/Log/ExceptionSerializer.php

189 lines
4.9 KiB
Raw Normal View History

first commit
3 years ago
 
  1. <?php
  2. /**
  3.  * @copyright Copyright (c) 2018 Robin Appelman <robin@icewind.nl>
  4.  *
  5.  * @author Arthur Schiwon <blizzz@arthur-schiwon.de>
  6.  * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7.  * @author Joas Schilling <coding@schilljs.com>
  8.  * @author Morris Jobke <hey@morrisjobke.de>
  9.  * @author Robin Appelman <robin@icewind.nl>
  10.  * @author Roeland Jago Douma <roeland@famdouma.nl>
  11.  *
  12.  * @license GNU AGPL version 3 or any later version
  13.  *
  14.  * This program is free software: you can redistribute it and/or modify
  15.  * it under the terms of the GNU Affero General Public License as
  16.  * published by the Free Software Foundation, either version 3 of the
  17.  * License, or (at your option) any later version.
  18.  *
  19.  * This program is distributed in the hope that it will be useful,
  20.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  22.  * GNU Affero General Public License for more details.
  23.  *
  24.  * You should have received a copy of the GNU Affero General Public License
  25.  * along with this program. If not, see <http://www.gnu.org/licenses/>.
  26.  *
  27.  */
  28. 

  29. namespace OC\Log;
  30. 

  31. use OC\Core\Controller\SetupController;
  32. use OC\HintException;
  33. use OC\Security\IdentityProof\Key;
  34. use OC\Setup;
  35. 

  36. class ExceptionSerializer {
  37. 	public const methodsWithSensitiveParameters = [
  38. 		// Session/User

  39. 		'completeLogin',
  40. 		'login',
  41. 		'checkPassword',
  42. 		'checkPasswordNoLogging',
  43. 		'loginWithPassword',
  44. 		'updatePrivateKeyPassword',
  45. 		'validateUserPass',
  46. 		'loginWithToken',
  47. 		'{closure}',
  48. 		'createSessionToken',
  49. 

  50. 		// Provisioning

  51. 		'addUser',
  52. 

  53. 		// TokenProvider

  54. 		'getToken',
  55. 		'isTokenPassword',
  56. 		'getPassword',
  57. 		'decryptPassword',
  58. 		'logClientIn',
  59. 		'generateToken',
  60. 		'validateToken',
  61. 

  62. 		// TwoFactorAuth

  63. 		'solveChallenge',
  64. 		'verifyChallenge',
  65. 

  66. 		// ICrypto

  67. 		'calculateHMAC',
  68. 		'encrypt',
  69. 		'decrypt',
  70. 

  71. 		// LoginController

  72. 		'tryLogin',
  73. 		'confirmPassword',
  74. 

  75. 		// LDAP

  76. 		'bind',
  77. 		'areCredentialsValid',
  78. 		'invokeLDAPMethod',
  79. 

  80. 		// Encryption

  81. 		'storeKeyPair',
  82. 		'setupUser',
  83. 

  84. 		// files_external: OCA\Files_External\MountConfig

  85. 		'getBackendStatus',
  86. 

  87. 		// files_external: UserStoragesController

  88. 		'update',
  89. 	];
  90. 

  91. 	public const methodsWithSensitiveParametersByClass = [
  92. 		SetupController::class => [
  93. 			'run',
  94. 			'display',
  95. 			'loadAutoConfig',
  96. 		],
  97. 		Setup::class => [
  98. 			'install'
  99. 		],
  100. 		Key::class => [
  101. 			'__construct'
  102. 		],
  103. 	];
  104. 

  105. 	private function editTrace(array &$sensitiveValues, array $traceLine): array {
  106. 		if (isset($traceLine['args'])) {
  107. 			$sensitiveValues = array_merge($sensitiveValues, $traceLine['args']);
  108. 		}
  109. 		$traceLine['args'] = ['*** sensitive parameters replaced ***'];
  110. 		return $traceLine;
  111. 	}
  112. 

  113. 	private function filterTrace(array $trace) {
  114. 		$sensitiveValues = [];
  115. 		$trace = array_map(function (array $traceLine) use (&$sensitiveValues) {
  116. 			$className = $traceLine['class'] ?? '';
  117. 			if ($className && isset(self::methodsWithSensitiveParametersByClass[$className])
  118. 				&& in_array($traceLine['function'], self::methodsWithSensitiveParametersByClass[$className], true)) {
  119. 				return $this->editTrace($sensitiveValues, $traceLine);
  120. 			}
  121. 			foreach (self::methodsWithSensitiveParameters as $sensitiveMethod) {
  122. 				if (strpos($traceLine['function'], $sensitiveMethod) !== false) {
  123. 					return $this->editTrace($sensitiveValues, $traceLine);
  124. 				}
  125. 			}
  126. 			return $traceLine;
  127. 		}, $trace);
  128. 		return array_map(function (array $traceLine) use ($sensitiveValues) {
  129. 			if (isset($traceLine['args'])) {
  130. 				$traceLine['args'] = $this->removeValuesFromArgs($traceLine['args'], $sensitiveValues);
  131. 			}
  132. 			return $traceLine;
  133. 		}, $trace);
  134. 	}
  135. 

  136. 	private function removeValuesFromArgs($args, $values) {
  137. 		foreach ($args as &$arg) {
  138. 			if (in_array($arg, $values, true)) {
  139. 				$arg = '*** sensitive parameter replaced ***';
  140. 			} elseif (is_array($arg)) {
  141. 				$arg = $this->removeValuesFromArgs($arg, $values);
  142. 			}
  143. 		}
  144. 		return $args;
  145. 	}
  146. 

  147. 	private function encodeTrace($trace) {
  148. 		$filteredTrace = $this->filterTrace($trace);
  149. 		return array_map(function (array $line) {
  150. 			if (isset($line['args'])) {
  151. 				$line['args'] = array_map([$this, 'encodeArg'], $line['args']);
  152. 			}
  153. 			return $line;
  154. 		}, $filteredTrace);
  155. 	}
  156. 

  157. 	private function encodeArg($arg) {
  158. 		if (is_object($arg)) {
  159. 			$data = get_object_vars($arg);
  160. 			$data['__class__'] = get_class($arg);
  161. 			return array_map([$this, 'encodeArg'], $data);
  162. 		} elseif (is_array($arg)) {
  163. 			return array_map([$this, 'encodeArg'], $arg);
  164. 		} else {
  165. 			return $arg;
  166. 		}
  167. 	}
  168. 

  169. 	public function serializeException(\Throwable $exception) {
  170. 		$data = [
  171. 			'Exception' => get_class($exception),
  172. 			'Message' => $exception->getMessage(),
  173. 			'Code' => $exception->getCode(),
  174. 			'Trace' => $this->encodeTrace($exception->getTrace()),
  175. 			'File' => $exception->getFile(),
  176. 			'Line' => $exception->getLine(),
  177. 		];
  178. 

  179. 		if ($exception instanceof HintException) {
  180. 			$data['Hint'] = $exception->getHint();
  181. 		}
  182. 

  183. 		if ($exception->getPrevious()) {
  184. 			$data['Previous'] = $this->serializeException($exception->getPrevious());
  185. 		}
  186. 

  187. 		return $data;
  188. 	}
  189. }