From 4ff31c0ecad04a1660c9d0235c493e955a795024 Mon Sep 17 00:00:00 2001
From: Robin Appelman <robin@icewind.nl>
Date: Fri, 16 Mar 2018 15:20:16 +0100
Subject: [PATCH] verify cached swift token

Signed-off-by: Robin Appelman <robin@icewind.nl>
---
 apps/files_external/lib/Lib/Storage/Swift.php |  6 ++++-
 lib/private/Files/ObjectStore/Swift.php       | 11 ++++----
 .../Files/ObjectStore/SwiftFactory.php        | 25 ++++++++++++++-----
 3 files changed, 29 insertions(+), 13 deletions(-)

diff --git a/apps/files_external/lib/Lib/Storage/Swift.php b/apps/files_external/lib/Lib/Storage/Swift.php
index a638169dcb2..f72aa076d27 100644
--- a/apps/files_external/lib/Lib/Storage/Swift.php
+++ b/apps/files_external/lib/Lib/Storage/Swift.php
@@ -194,7 +194,11 @@ class Swift extends \OC\Files\Storage\Common {
 		$this->params = $params;
 		// FIXME: private class...
 		$this->objectCache = new \OC\Cache\CappedMemoryCache();
-		$this->connectionFactory = new SwiftFactory(\OC::$server->getMemCacheFactory()->createDistributed('swift/'), $this->params);
+		$this->connectionFactory = new SwiftFactory(
+			\OC::$server->getMemCacheFactory()->createDistributed('swift/'),
+			$this->params,
+			\OC::$server->getLogger()
+		);
 		$this->objectStore = new \OC\Files\ObjectStore\Swift($this->params, $this->connectionFactory);
 		$this->bucket = $params['bucket'];
 	}
diff --git a/lib/private/Files/ObjectStore/Swift.php b/lib/private/Files/ObjectStore/Swift.php
index f22e147445b..6bb01506c4c 100644
--- a/lib/private/Files/ObjectStore/Swift.php
+++ b/lib/private/Files/ObjectStore/Swift.php
@@ -36,16 +36,15 @@ class Swift implements IObjectStore {
 	 */
 	private $params;
 
-	/**
-	 * @var \OpenStack\ObjectStore\v1\Models\Container|null
-	 */
-	private $container = null;
-
 	/** @var SwiftFactory */
 	private $swiftFactory;
 
 	public function __construct($params, SwiftFactory $connectionFactory = null) {
-		$this->swiftFactory = $connectionFactory ?: new SwiftFactory(\OC::$server->getMemCacheFactory()->createDistributed('swift::'), $params);
+		$this->swiftFactory = $connectionFactory ?: new SwiftFactory(
+			\OC::$server->getMemCacheFactory()->createDistributed('swift::'),
+			$params,
+			\OC::$server->getLogger()
+		);
 		$this->params = $params;
 	}
 
diff --git a/lib/private/Files/ObjectStore/SwiftFactory.php b/lib/private/Files/ObjectStore/SwiftFactory.php
index 7bb76782a82..85bba573001 100644
--- a/lib/private/Files/ObjectStore/SwiftFactory.php
+++ b/lib/private/Files/ObjectStore/SwiftFactory.php
@@ -30,6 +30,7 @@ use GuzzleHttp\HandlerStack;
 use OCP\Files\StorageAuthException;
 use OCP\Files\StorageNotAvailableException;
 use OCP\ICache;
+use OCP\ILogger;
 use OpenStack\Common\Error\BadResponseError;
 use OpenStack\Common\Auth\Token;
 use OpenStack\Identity\v2\Service as IdentityV2Service;
@@ -44,10 +45,12 @@ class SwiftFactory {
 	private $params;
 	/** @var Container|null */
 	private $container = null;
+	private $logger;
 
-	public function __construct(ICache $cache, array $params) {
+	public function __construct(ICache $cache, array $params, ILogger $logger) {
 		$this->cache = $cache;
 		$this->params = $params;
+		$this->logger = $logger;
 	}
 
 	private function getCachedToken(string $cacheKey) {
@@ -97,10 +100,7 @@ class SwiftFactory {
 
 		$cacheKey = $userName . '@' . $this->params['url'] . '/' . $this->params['container'];
 		$token = $this->getCachedToken($cacheKey);
-		$hasToken = is_array($token) && (new \DateTimeImmutable($token['expires_at'])) > (new \DateTimeImmutable('now'));
-		if ($hasToken) {
-			$this->params['cachedToken'] = $token;
-		}
+		$this->params['cachedToken'] = $token;
 
 		$httpClient = new Client([
 			'base_uri' => TransportUtils::normalizeUrl($this->params['url']),
@@ -125,7 +125,20 @@ class SwiftFactory {
 		$this->params['authUrl'] = $this->params['url'];
 		$client = new OpenStack($this->params);
 
-		if (!isset($this->params['cachedToken'])) {
+		$cachedToken = $this->params['cachedToken'];
+		$hasValidCachedToken = false;
+		if (is_array($cachedToken)) {
+			$token = $authService->generateTokenFromCache($cachedToken);
+			if (is_null($token->catalog)) {
+				$this->logger->warning('Invalid cached token for swift, no catalog set: ' . json_encode($cachedToken));
+			} else if ($token->hasExpired()) {
+				$this->logger->debug('Cached token for swift expired');
+			} else {
+				$hasValidCachedToken = true;
+			}
+		}
+
+		if (!$hasValidCachedToken) {
 			try {
 				$token = $authService->generateToken($this->params);
 				$this->cacheToken($token, $cacheKey);
-- 
GitLab