From f6423f74e3ca925fd43c67f2669384994ccc55fe Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Mon, 29 Aug 2016 21:17:16 +0200
Subject: [PATCH] Minor cleanup in core Controllers

---
 core/Controller/LoginController.php              |  1 -
 core/Controller/LostController.php               |  5 ++---
 core/Controller/TokenController.php              |  7 ++-----
 core/Controller/TwoFactorChallengeController.php |  2 +-
 tests/Core/Controller/TokenControllerTest.php    | 16 +++++++++-------
 5 files changed, 14 insertions(+), 17 deletions(-)

diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index 67e1e215289..f63d5cd8f2c 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -25,7 +25,6 @@
 
 namespace OC\Core\Controller;
 
-use OC\AppFramework\Utility\TimeFactory;
 use OC\Authentication\TwoFactorAuth\Manager;
 use OC\Security\Bruteforce\Throttler;
 use OC\User\Session;
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index fe6be1e6852..b1111559a6c 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -40,7 +40,6 @@ use \OCP\IConfig;
 use OCP\IUserManager;
 use OCP\Mail\IMailer;
 use OCP\Security\ISecureRandom;
-use OCP\Security\StringUtils;
 
 /**
  * Class LostController
@@ -144,7 +143,7 @@ class LostController extends Controller {
 	}
 
 	/**
-	 * @param string $userId
+	 * @param string $token
 	 * @param string $userId
 	 * @throws \Exception
 	 */
@@ -161,7 +160,7 @@ class LostController extends Controller {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is expired'));
 		}
 
-		if (!StringUtils::equals($splittedToken[1], $token)) {
+		if (!hash_equals($splittedToken[1], $token)) {
 			throw new \Exception($this->l10n->t('Couldn\'t reset password because the token is invalid'));
 		}
 	}
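Review bot: `hash_equals()` on the changed line accepts only strings, and nothing visible in this hunk guarantees that `$token` or `$splittedToken[1]` is one. On PHP 5.6/7 a non-string argument raises a warning and the call returns false, so the check still fails closed. On PHP 8 it throws a `TypeError` instead of taking the intended "token is invalid" path. A type guard keeps the failure on that path: `if (!is_string($token) || !hash_equals($splittedToken[1], $token)) {`. The code that builds `$splittedToken` is outside the hunk, so confirm there that index 1 always exists before it is compared. The argument order (stored value first, supplied value second) matches what `hash_equals()` expects.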
diff --git a/core/Controller/TokenController.php b/core/Controller/TokenController.php
index 9d4fd7c9656..6e3ff50fa1d 100644
--- a/core/Controller/TokenController.php
+++ b/core/Controller/TokenController.php
@@ -24,13 +24,10 @@
 namespace OC\Core\Controller;
 
 use OC\AppFramework\Http;
-use OC\AppFramework\Utility\TimeFactory;
-use OC\Authentication\Token\DefaultTokenProvider;
 use OC\Authentication\Token\IProvider;
 use OC\Authentication\Token\IToken;
 use OC\Authentication\TwoFactorAuth\Manager as TwoFactorAuthManager;
 use OC\User\Manager as UserManager;
-use OCA\User_LDAP\User\Manager;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\IRequest;
@@ -100,9 +97,9 @@ class TokenController extends Controller {
 
 		$token = $this->secureRandom->generate(128);
 		$this->tokenProvider->generateToken($token, $user->getUID(), $loginName, $password, $name, IToken::PERMANENT_TOKEN);
-		return [
+		return new JSONResponse([
 			'token' => $token,
-		];
+		]);
 	}
 
 }
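Review bot: The success path now returns a `JSONResponse` instead of a plain array, but the method's docblock and its other return statements are outside this hunk, so it is not visible whether they agree with the new type. If the docblock does not already say so, it should read `@return JSONResponse`, and every early return in the method should yield a response object so callers and tests can rely on one type. Since this response body carries a permanent token, it is also worth adding a short comment above the return, for example `// token is shown to the client exactly once; never log this response body`.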
diff --git a/core/Controller/TwoFactorChallengeController.php b/core/Controller/TwoFactorChallengeController.php
index b9e10b147ce..c19cf523279 100644
--- a/core/Controller/TwoFactorChallengeController.php
+++ b/core/Controller/TwoFactorChallengeController.php
@@ -96,7 +96,7 @@ class TwoFactorChallengeController extends Controller {
 	 *
 	 * @param string $challengeProviderId
 	 * @param string $redirect_url
-	 * @return TemplateResponse
+	 * @return TemplateResponse|RedirectResponse
 	 */
 	public function showChallenge($challengeProviderId, $redirect_url) {
 		$user = $this->userSession->getUser();
diff --git a/tests/Core/Controller/TokenControllerTest.php b/tests/Core/Controller/TokenControllerTest.php
index b6b54b14fad..0e965aac2e5 100644
--- a/tests/Core/Controller/TokenControllerTest.php
+++ b/tests/Core/Controller/TokenControllerTest.php
@@ -41,15 +41,17 @@ class TokenControllerTest extends TestCase {
 	protected function setUp() {
 		parent::setUp();
 
-		$this->request = $this->getMock('\OCP\IRequest');
+		$this->request = $this->getMockBuilder('\OCP\IRequest')->getMock();
 		$this->userManager = $this->getMockBuilder('\OC\User\Manager')
 			->disableOriginalConstructor()
 			->getMock();
-		$this->tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider');
+		$this->tokenProvider = $this->getMockBuilder('\OC\Authentication\Token\IProvider')
+			->getMock();
 		$this->twoFactorAuthManager = $this->getMockBuilder('\OC\Authentication\TwoFactorAuth\Manager')
 			->disableOriginalConstructor()
 			->getMock();
-		$this->secureRandom = $this->getMock('\OCP\Security\ISecureRandom');
+		$this->secureRandom = $this->getMockBuilder('\OCP\Security\ISecureRandom')
+			->getMock();
 
 		$this->tokenController = new TokenController('core', $this->request, $this->userManager, $this->tokenProvider, $this->twoFactorAuthManager, $this->secureRandom);
 	}
@@ -77,7 +79,7 @@ class TokenControllerTest extends TestCase {
 	}
 
 	public function testWithValidCredentials() {
-		$user = $this->getMock('\OCP\IUser');
+		$user = $this->getMockBuilder('\OCP\IUser')->getMock();
 		$this->userManager->expects($this->once())
 			->method('checkPassword')
 			->with('john', '123456')
@@ -96,9 +98,9 @@ class TokenControllerTest extends TestCase {
 		$this->tokenProvider->expects($this->once())
 			->method('generateToken')
 			->with('verysecurerandomtoken', 'john', 'john', '123456', 'unknown client', IToken::PERMANENT_TOKEN);
-		$expected = [
+		$expected = new JSONResponse([
 			'token' => 'verysecurerandomtoken'
-		];
+		]);
 
 		$actual = $this->tokenController->generateToken('john', '123456');
 
@@ -106,7 +108,7 @@ class TokenControllerTest extends TestCase {
 	}
 
 	public function testWithValidCredentialsBut2faEnabled() {
-		$user = $this->getMock('\OCP\IUser');
+		$user = $this->getMockBuilder('\OCP\IUser')->getMock();
 		$this->userManager->expects($this->once())
 			->method('checkPassword')
 			->with('john', '123456')
-- 
GitLab