Drop NC 28

.github/workflows/integration.yml

@@ -30,9 +30,6 @@ jobs:
             - php-versions: 8.1
               databases: mysql
               server-versions: stable30
-            - php-versions: 8.2
-              databases: mysql
-              server-versions: stable30
             - php-versions: 8.1
               databases: mysql
               server-versions: stable31

appinfo/info.xml

@@ -23,7 +23,7 @@
 	<bugs>https://github.com/nextcloud/user_oidc/issues</bugs>
 	<repository>https://github.com/nextcloud/user_oidc</repository>
 	<dependencies>
-		<nextcloud min-version="28" max-version="33"/>
+		<nextcloud min-version="29" max-version="33"/>
 	</dependencies>
 	<settings>
 		<admin>OCA\UserOIDC\Settings\AdminSettings</admin>

composer.json

@@ -36,7 +36,7 @@
   "require-dev": {
     "nextcloud/coding-standard": "^1.0.0",
     "symfony/event-dispatcher": "^4",
-    "nextcloud/ocp": "dev-stable28",
+    "nextcloud/ocp": "dev-stable29",
     "psalm/phar": "^6",
     "phpunit/phpunit": "^10"
   },

lib/Controller/LoginController.php

@@ -42,6 +42,7 @@
 use OCP\Authentication\Token\IToken;
 use OCP\DB\Exception;
 use OCP\EventDispatcher\IEventDispatcher;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\IRequest;
@@ -81,6 +82,7 @@ public function __construct(
 		private ITimeFactory $timeFactory,
 		private IEventDispatcher $eventDispatcher,
 		private IConfig $config,
+		private IAppConfig $appConfig,
 		private IProvider $authTokenProvider,
 		private SessionMapper $sessionMapper,
 		private ProvisioningService $provisioningService,
@@ -593,7 +595,7 @@ public function code(string $state = '', string $code = '', string $scope = '',
 			$this->eventDispatcher->dispatchTyped(new UserLoggedInEvent($user, $user->getUID(), null, false));
 		}
 
-		$storeLoginTokenEnabled = $this->config->getAppValue(Application::APP_ID, 'store_login_token', '0') === '1';
+		$storeLoginTokenEnabled = $this->appConfig->getValueString(Application::APP_ID, 'store_login_token', '0') === '1';
 		if ($storeLoginTokenEnabled) {
 			// store all token information for potential token exchange requests
 			$tokenData = array_merge(

lib/Controller/SettingsController.php

@@ -20,7 +20,7 @@
 use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\Http\Client\IClientService;
-use OCP\IConfig;
+use OCP\IAppConfig;
 use OCP\IRequest;
 use OCP\Security\ICrypto;
 use Psr\Log\LoggerInterface;
@@ -29,7 +29,7 @@ class SettingsController extends Controller {
 
 	public function __construct(
 		IRequest $request,
-		private IConfig $config,
+		private IAppConfig $appConfig,
 		private ProviderMapper $providerMapper,
 		private ID4MeService $id4meService,
 		private ProviderService $providerService,
@@ -180,7 +180,7 @@ public function setID4ME(bool $enabled): JSONResponse {
 	public function setAdminConfig(array $values): JSONResponse {
 		foreach ($values as $key => $value) {
 			if ($key === 'store_login_token' && is_bool($value)) {
-				$this->config->setAppValue(Application::APP_ID, 'store_login_token', $value ? '1' : '0');
+				$this->appConfig->setValueString(Application::APP_ID, 'store_login_token', $value ? '1' : '0');
 			}
 		}
 		return new JSONResponse([]);

lib/Listener/ExternalTokenRequestedListener.php

@@ -14,7 +14,7 @@
 use OCA\UserOIDC\Service\TokenService;
 use OCP\EventDispatcher\Event;
 use OCP\EventDispatcher\IEventListener;
-use OCP\IConfig;
+use OCP\IAppConfig;
 use OCP\IUserSession;
 use Psr\Log\LoggerInterface;
 
@@ -26,7 +26,7 @@ class ExternalTokenRequestedListener implements IEventListener {
 	public function __construct(
 		private IUserSession $userSession,
 		private TokenService $tokenService,
-		private IConfig $config,
+		private IAppConfig $appConfig,
 		private LoggerInterface $logger,
 	) {
 	}
@@ -42,7 +42,7 @@ public function handle(Event $event): void {
 
 		$this->logger->debug('[ExternalTokenRequestedListener] received request');
 
-		$storeLoginTokenEnabled = $this->config->getAppValue(Application::APP_ID, 'store_login_token', '0') === '1';
+		$storeLoginTokenEnabled = $this->appConfig->getValueString(Application::APP_ID, 'store_login_token', '0') === '1';
 		if (!$storeLoginTokenEnabled) {
 			throw new GetExternalTokenFailedException('Failed to get external token, login token is not stored', 0);
 		}

lib/Service/ID4MeService.php

@@ -9,20 +9,20 @@
 namespace OCA\UserOIDC\Service;
 
 use OCA\UserOIDC\AppInfo\Application;
-use OCP\IConfig;
+use OCP\IAppConfig;
 
 class ID4MeService {
 
 	public function __construct(
-		private IConfig $config,
+		private IAppConfig $appConfig,
 	) {
 	}
 
 	public function setID4ME(bool $enabled): void {
-		$this->config->setAppValue(Application::APP_ID, 'id4me_enabled', $enabled ? '1' : '0');
+		$this->appConfig->setValueString(Application::APP_ID, 'id4me_enabled', $enabled ? '1' : '0');
 	}
 
 	public function getID4ME(): bool {
-		return $this->config->getAppValue(Application::APP_ID, 'id4me_enabled', '0') === '1';
+		return $this->appConfig->getValueString(Application::APP_ID, 'id4me_enabled', '0') === '1';
 	}
 }

lib/Service/ProviderService.php

@@ -14,7 +14,7 @@
 use OCA\UserOIDC\Db\Provider;
 use OCA\UserOIDC\Db\ProviderMapper;
 use OCP\AppFramework\Db\DoesNotExistException;
-use OCP\IConfig;
+use OCP\IAppConfig;
 
 class ProviderService {
 	public const SETTING_CHECK_BEARER = 'checkBearer';
@@ -67,7 +67,7 @@ class ProviderService {
 	];
 
 	public function __construct(
-		private IConfig $config,
+		private IAppConfig $appConfig,
 		private ProviderMapper $providerMapper,
 	) {
 	}
@@ -117,18 +117,18 @@ public function setSettings(int $providerId, array $settings): array {
 
 	public function deleteSettings(int $providerId): void {
 		foreach ($this->getSupportedSettings() as $setting) {
-			$this->config->deleteAppValue(Application::APP_ID, $this->getSettingsKey($providerId, $setting));
+			$this->appConfig->deleteKey(Application::APP_ID, $this->getSettingsKey($providerId, $setting));
 		}
-		$this->config->deleteAppValue(Application::APP_ID, $this->getSettingsKey($providerId, self::SETTING_JWKS_CACHE));
-		$this->config->deleteAppValue(Application::APP_ID, $this->getSettingsKey($providerId, self::SETTING_JWKS_CACHE_TIMESTAMP));
+		$this->appConfig->deleteKey(Application::APP_ID, $this->getSettingsKey($providerId, self::SETTING_JWKS_CACHE));
+		$this->appConfig->deleteKey(Application::APP_ID, $this->getSettingsKey($providerId, self::SETTING_JWKS_CACHE_TIMESTAMP));
 	}
 
 	public function setSetting(int $providerId, string $key, string $value): void {
-		$this->config->setAppValue(Application::APP_ID, $this->getSettingsKey($providerId, $key), $value);
+		$this->appConfig->setValueString(Application::APP_ID, $this->getSettingsKey($providerId, $key), $value);
 	}
 
 	public function getSetting(int $providerId, string $key, string $default = ''): string {
-		$value = $this->config->getAppValue(Application::APP_ID, $this->getSettingsKey($providerId, $key), '');
+		$value = $this->appConfig->getValueString(Application::APP_ID, $this->getSettingsKey($providerId, $key), '');
 		if ($value === '') {
 			return $default;
 		}

lib/Service/SettingsService.php

@@ -11,20 +11,20 @@
 namespace OCA\UserOIDC\Service;
 
 use OCA\UserOIDC\AppInfo\Application;
-use OCP\IConfig;
+use OCP\IAppConfig;
 
 class SettingsService {
 
 	public function __construct(
-		private IConfig $config,
+		private IAppConfig $appConfig,
 	) {
 	}
 
 	public function getAllowMultipleUserBackEnds(): bool {
-		return $this->config->getAppValue(Application::APP_ID, 'allow_multiple_user_backends', '1') === '1';
+		return $this->appConfig->getValueString(Application::APP_ID, 'allow_multiple_user_backends', '1') === '1';
 	}
 
 	public function setAllowMultipleUserBackEnds(bool $value): void {
-		$this->config->setAppValue(Application::APP_ID, 'allow_multiple_user_backends', $value ? '1' : '0');
+		$this->appConfig->setValueString(Application::APP_ID, 'allow_multiple_user_backends', $value ? '1' : '0');
 	}
 }

lib/Service/TokenService.php

@@ -26,6 +26,7 @@
 use OCP\Authentication\Token\IToken;
 use OCP\EventDispatcher\IEventDispatcher;
 use OCP\Http\Client\IClient;
+use OCP\IAppConfig;
 use OCP\IConfig;
 use OCP\IRequest;
 use OCP\ISession;
@@ -53,6 +54,7 @@ public function __construct(
 		private IUserSession $userSession,
 		private IProvider $tokenProvider,
 		private IConfig $config,
+		private IAppConfig $appConfig,
 		private LoggerInterface $logger,
 		private ICrypto $crypto,
 		private IRequest $request,
@@ -114,7 +116,7 @@ public function getToken(bool $refreshIfExpired = true): ?Token {
 	 * @throws PreConditionNotMetException
 	 */
 	public function checkLoginToken(): void {
-		$storeLoginTokenEnabled = $this->config->getAppValue(Application::APP_ID, 'store_login_token', '0') === '1';
+		$storeLoginTokenEnabled = $this->appConfig->getValueString(Application::APP_ID, 'store_login_token', '0') === '1';
 		if (!$storeLoginTokenEnabled) {
 			return;
 		}
@@ -141,6 +143,7 @@ public function checkLoginToken(): void {
 			return;
 		}
 		$scope = $sessionAuthToken->getScopeAsArray();
+		// since 30, we still support 29
 		if (defined(IToken::class . '::SCOPE_SKIP_PASSWORD_VALIDATION')
 			&& (
 				!isset($scope[IToken::SCOPE_SKIP_PASSWORD_VALIDATION])
@@ -252,7 +255,7 @@ public function decodeIdToken(Token $token): array {
 	 * @throws \JsonException
 	 */
 	public function getExchangedToken(string $targetAudience, array $extraScopes = []): Token {
-		$storeLoginTokenEnabled = $this->config->getAppValue(Application::APP_ID, 'store_login_token', '0') === '1';
+		$storeLoginTokenEnabled = $this->appConfig->getValueString(Application::APP_ID, 'store_login_token', '0') === '1';
 		if (!$storeLoginTokenEnabled) {
 			throw new TokenExchangeFailedException(
 				'Failed to exchange token, storing the login token is disabled. It can be enabled in config.php',

lib/Settings/AdminSettings.php

@@ -14,7 +14,7 @@
 use OCA\UserOIDC\Service\ProviderService;
 use OCP\AppFramework\Http\TemplateResponse;
 use OCP\AppFramework\Services\IInitialState;
-use OCP\IConfig;
+use OCP\IAppConfig;
 use OCP\IURLGenerator;
 use OCP\Settings\ISettings;
 use OCP\Util;
@@ -25,7 +25,7 @@ public function __construct(
 		private ProviderService $providerService,
 		private ID4MeService $Id4MeService,
 		private IURLGenerator $urlGenerator,
-		private IConfig $config,
+		private IAppConfig $appConfig,
 		private IInitialState $initialStateService,
 	) {
 	}
@@ -37,7 +37,7 @@ public function getForm() {
 		);
 		$this->initialStateService->provideInitialState(
 			'storeLoginTokenState',
-			$this->config->getAppValue(Application::APP_ID, 'store_login_token', '0') === '1'
+			$this->appConfig->getValueString(Application::APP_ID, 'store_login_token', '0') === '1'
 		);
 		$this->initialStateService->provideInitialState(
 			'providers',