Harden updater authentication

LukasReschke · LukasReschke · commit 5680743c2b19 · 2016-02-10T16:31:11.000+01:00
- Reset tokens after 2 hours as discussed at owncloud/updater#220 (comment) - Used BCrypt for storing the password in the config.php. This makes it substantially harder in case of a leakage of the token to bruteforce it. In the future we can evaluate also an HMAC including the IP. That's a bit tricker though at the moment considering that we support reverse proxies. Didn't feel brave enough to touch that dragon now as well ;)
diff --git a/apps/updatenotification/controller/admincontroller.php b/apps/updatenotification/controller/admincontroller.php
@@ -77,8 +77,8 @@ public function createCredentials() {
 		$this->config->setAppValue('core', 'updater.secret.created', $this->timeFactory->getTime());
 
 		// Create a new token
-		$newToken = $this->secureRandom->generate(32);
-		$this->config->setSystemValue('updater.secret', $newToken);
+		$newToken = $this->secureRandom->generate(64);
+		$this->config->setSystemValue('updater.secret', password_hash($newToken, PASSWORD_DEFAULT));
 
 		return new DataResponse($newToken);
 	}
diff --git a/apps/updatenotification/lib/resettokenbackgroundjob.php b/apps/updatenotification/lib/resettokenbackgroundjob.php
@@ -67,7 +67,8 @@ private function fixDIForJobs() {
 	 * @param $argument
 	 */
 	protected function run($argument) {
-		if($this->timeFactory->getTime() - $this->config->getAppValue('core', 'updater.secret.created', $this->timeFactory->getTime()) >= 86400) {
+		// Delete old tokens after 2 days
+		if($this->timeFactory->getTime() - $this->config->getAppValue('core', 'updater.secret.created', $this->timeFactory->getTime()) >= 172800) {
 			$this->config->deleteSystemValue('updater.secret');
 		}
 	}
diff --git a/apps/updatenotification/tests/controller/AdminControllerTest.php b/apps/updatenotification/tests/controller/AdminControllerTest.php
@@ -77,12 +77,12 @@ public function testCreateCredentials() {
 		$this->secureRandom
 			->expects($this->once())
 			->method('generate')
-			->with(32)
+			->with(64)
 			->willReturn('MyGeneratedToken');
 		$this->config
 			->expects($this->once())
 			->method('setSystemValue')
-			->with('updater.secret', 'MyGeneratedToken');
+			->with('updater.secret');
 		$this->timeFactory
 			->expects($this->once())
 			->method('getTime')

Original file line number	Diff line number	Diff line change
`@@ -77,8 +77,8 @@ public function createCredentials() {`
`77`	`77`	`$this->config->setAppValue('core', 'updater.secret.created', $this->timeFactory->getTime());`
`78`	`78`
`79`	`79`	`// Create a new token`
`80`		`- $newToken = $this->secureRandom->generate(32);`
`81`		`- $this->config->setSystemValue('updater.secret', $newToken);`
	`80`	`+ $newToken = $this->secureRandom->generate(64);`
	`81`	`+ $this->config->setSystemValue('updater.secret', password_hash($newToken, PASSWORD_DEFAULT));`
`82`	`82`
`83`	`83`	`return new DataResponse($newToken);`
`84`	`84`	`}`
Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,8 @@ private function fixDIForJobs() {`
`67`	`67`	`* @param $argument`
`68`	`68`	`*/`
`69`	`69`	`protected function run($argument) {`
`70`		`- if($this->timeFactory->getTime() - $this->config->getAppValue('core', 'updater.secret.created', $this->timeFactory->getTime()) >= 86400) {`
	`70`	`+ // Delete old tokens after 2 days`
	`71`	`+ if($this->timeFactory->getTime() - $this->config->getAppValue('core', 'updater.secret.created', $this->timeFactory->getTime()) >= 172800) {`
`71`	`72`	`$this->config->deleteSystemValue('updater.secret');`
`72`	`73`	`}`
`73`	`74`	`}`