1212use OCA \NotifyPush \Queue \IQueue ;
1313use OCA \NotifyPush \Queue \RedisQueue ;
1414use OCP \App \IAppManager ;
15+ use OCP \Http \Client \IClient ;
1516use OCP \Http \Client \IClientService ;
1617use OCP \IAppConfig ;
1718use OCP \IConfig ;
1819use OCP \IDBConnection ;
20+ use OCP \Security \ISecureRandom ;
1921use Symfony \Component \Console \Output \OutputInterface ;
2022use Symfony \Component \HttpFoundation \IpUtils ;
2123
2224class SelfTest {
2325 public const ERROR_OTHER = 1 ;
2426 public const ERROR_TRUSTED_PROXY = 2 ;
2527
26- private $ client ;
27- private $ cookie ;
28+ private IClient $ client ;
29+ private int $ cookie ;
30+ private string $ token ;
2831
2932 public function __construct (
3033 IClientService $ clientService ,
@@ -33,9 +36,15 @@ public function __construct(
3336 private IQueue $ queue ,
3437 private IDBConnection $ connection ,
3538 private IAppManager $ appManager ,
39+ private ISecureRandom $ random ,
3640 ) {
3741 $ this ->client = $ clientService ->newClient ();
3842 $ this ->cookie = rand (1 , (int )pow (2 , 30 ));
43+ $ this ->token = $ this ->random ->generate (32 );
44+ }
45+
46+ private function getHttpOpts (): array {
47+ return ['nextcloud ' => ['allow_local_address ' => true ], 'verify ' => false , 'headers ' => ['token ' => $ this ->token ]];
3948 }
4049
4150 public function test (string $ server , OutputInterface $ output , bool $ ignoreProxyError = false ): int {
@@ -56,11 +65,12 @@ public function test(string $server, OutputInterface $output, bool $ignoreProxyE
5665 $ output ->writeln ('<comment>🗴 push server URL is set to localhost, the push server will not be reachable from other machines</comment> ' );
5766 }
5867
68+ $ this ->queue ->getConnection ()->set ('test-token ' , $ this ->token );
5969 $ this ->queue ->push ('notify_test_cookie ' , $ this ->cookie );
6070 $ this ->appConfig ->setValueInt ('notify_push ' , 'cookie ' , $ this ->cookie );
6171
6272 try {
63- $ retrievedCookie = (int )$ this ->client ->get ($ server . '/test/cookie ' , [ ' nextcloud ' => [ ' allow_local_address ' => true ], ' verify ' => false ] )->getBody ();
73+ $ retrievedCookie = (int )$ this ->client ->get ($ server . '/test/cookie ' , $ this -> getHttpOpts () )->getBody ();
6474 } catch (\Exception $ e ) {
6575 $ msg = $ e ->getMessage ();
6676 $ output ->writeln ("<error>🗴 can't connect to push server: $ msg</error> " );
@@ -80,7 +90,7 @@ public function test(string $server, OutputInterface $output, bool $ignoreProxyE
8090 // If no admin user was created during the installation, there are no oc_filecache and oc_mounts entries yet, so this check has to be skipped.
8191 if ($ storageId !== null ) {
8292 try {
83- $ retrievedCount = (int )$ this ->client ->get ($ server . '/test/mapping/ ' . $ storageId , [ ' nextcloud ' => [ ' allow_local_address ' => true ], ' verify ' => false ] )->getBody ();
93+ $ retrievedCount = (int )$ this ->client ->get ($ server . '/test/mapping/ ' . $ storageId , $ this -> getHttpOpts () )->getBody ();
8494 } catch (\Exception $ e ) {
8595 $ msg = $ e ->getMessage ();
8696 $ output ->writeln ("<error>🗴 can't connect to push server: $ msg</error> " );
@@ -97,7 +107,7 @@ public function test(string $server, OutputInterface $output, bool $ignoreProxyE
97107
98108 // test if the push server can reach nextcloud by having it request the cookie
99109 try {
100- $ response = $ this ->client ->get ($ server . '/test/reverse_cookie ' , [ ' nextcloud ' => [ ' allow_local_address ' => true ], ' verify ' => false ] )->getBody ();
110+ $ response = $ this ->client ->get ($ server . '/test/reverse_cookie ' , $ this -> getHttpOpts () )->getBody ();
101111 $ retrievedCookie = (int )$ response ;
102112
103113 if ($ this ->cookie === $ retrievedCookie ) {
@@ -117,7 +127,7 @@ public function test(string $server, OutputInterface $output, bool $ignoreProxyE
117127
118128 // test that the push server is a trusted proxy
119129 try {
120- $ resolvedRemote = $ this ->client ->get ($ server . '/test/remote/1.2.3.4 ' , [ ' nextcloud ' => [ ' allow_local_address ' => true ], ' verify ' => false ] )->getBody ();
130+ $ resolvedRemote = $ this ->client ->get ($ server . '/test/remote/1.2.3.4 ' , $ this -> getHttpOpts () )->getBody ();
121131 } catch (\Exception $ e ) {
122132 $ msg = $ e ->getMessage ();
123133 $ output ->writeln ("<error>🗴 can't connect to push server: $ msg</error> " );
@@ -185,7 +195,7 @@ public function test(string $server, OutputInterface $output, bool $ignoreProxyE
185195 // test that the binary is up to date
186196 try {
187197 $ this ->queue ->getConnection ()->del ('notify_push_version ' );
188- $ response = $ this ->client ->post ($ server . '/test/version ' , [ ' nextcloud ' => [ ' allow_local_address ' => true ], ' verify ' => false ] );
198+ $ response = $ this ->client ->post ($ server . '/test/version ' , $ this -> getHttpOpts () );
189199 if ($ response === 'error ' ) {
190200 $ output ->writeln ('<error>🗴 failed to get binary version, check the push server output for more information</error> ' );
191201 return self ::ERROR_OTHER ;
0 commit comments