From a82b8ab9cba4b17c0fdcd0a4ae4b2ac7744692cd Mon Sep 17 00:00:00 2001
From: Christoph Wurst
Date: Thu, 10 Aug 2023 10:20:01 +0200
Subject: [PATCH] fix(setup): Rate limit auto config attempts
Signed-off-by: Christoph Wurst
---
 lib/Controller/AutoConfigController.php | 7 +++++++
 src/components/AccountForm.vue | 2 ++
 2 files changed, 9 insertions(+)
diff --git a/lib/Controller/AutoConfigController.php b/lib/Controller/AutoConfigController.php
index 5d7dcd8872..b9315217f9 100644
--- a/lib/Controller/AutoConfigController.php
+++ b/lib/Controller/AutoConfigController.php
@@ -34,6 +34,7 @@
 use OCA\Mail\Service\AutoConfig\MxRecord;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\UserRateLimit;
 use OCP\IRequest;
 use OCP\Security\IRemoteHostValidator;
 use function in_array;
@@ -60,10 +61,12 @@ public function __construct(IRequest $request,
 * @param string $email
 *
 * @NoAdminRequired
+ * @UserRateThrottle(limit: 5, period: 60)
 *
 * @return JsonResponse
 */
 #[TrapError]
+ #[UserRateLimit(limit: 5, period: 60)]
 public function queryIspdb(string $email): JsonResponse {
 $rfc822Address = new Horde_Mail_Rfc822_Address($email);
 if (!$rfc822Address->valid || !$this->hostValidator->isValid($rfc822Address->host)) {
@@ -78,10 +81,12 @@ public function queryIspdb(string $email): JsonResponse {
 * @param string $email
 *
 * @NoAdminRequired
+ * @UserRateThrottle(limit: 5, period: 60)
 *
 * @return JsonResponse
 */
 #[TrapError]
+ #[UserRateLimit(limit: 5, period: 60)]
 public function queryMx(string $email): JsonResponse {
 $rfc822Address = new Horde_Mail_Rfc822_Address($email);
 if (!$rfc822Address->valid || !$this->hostValidator->isValid($rfc822Address->host)) {
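Review bot: The docblock line `@UserRateThrottle(limit: 5, period: 60)` added above queryIspdb uses PHP named-argument syntax, whereas the server's docblock annotation form is, as far as I know, written with `=`, i.e. `@UserRateThrottle(limit=5, period=60)`. If this annotation is meant as the fallback for server versions that do not read the `#[UserRateLimit]` attribute, the colon form may not be parsed into a limit and period, which would leave the endpoint unthrottled there without any visible error. The same line is added in the queryMx hunk and, with a limit of 10, in the testConnectivity hunk. A test that exceeds the limit and asserts a 429 response would catch a silent parse failure; the method bodies continue outside the hunks.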
@@ -98,10 +103,12 @@ public function queryMx(string $email): JsonResponse {
 * @param int $port
 *
 * @NoAdminRequired
+ * @UserRateThrottle(limit: 10, period: 60)
 *
 * @return JsonResponse
 */
 #[TrapError]
+ #[UserRateLimit(limit: 10, period: 60)]
 public function testConnectivity(string $host, int $port): JsonResponse {
 if (!in_array($port, [143, 993, 465, 587])) {
 return JsonResponse::fail('Port not allowed');
diff --git a/src/components/AccountForm.vue b/src/components/AccountForm.vue
index 994ec0fdb7..b5c4af15ef 100644
--- a/src/components/AccountForm.vue
+++ b/src/components/AccountForm.vue
@@ -638,6 +638,8 @@ export default {
 this.feedback = t('mail', 'SMTP connection failed')
 } else if (error.message === CONSENT_ABORTED) {
 this.feedback = t('mail', 'Authorization pop-up closed')
+ } else if (error.response?.status === 429) {
+ this.feedback = t('mail', 'Configuration discovery temporarily not available. Please try again later.')
 } else {
 this.feedback = t('mail', 'There was an error while setting up your account')
 }
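Review bot: The new `error.response?.status === 429` branch reports every 429 as "Configuration discovery temporarily not available", yet the neighbouring branches suggest this handler also receives errors from the SMTP connection and authorization steps, so a 429 from a request other than discovery would be mislabelled. It is worth confirming which calls can reach this handler. A short comment would record where the status comes from, for example `// 429: server-side rate limit on the auto-config endpoints`. The enclosing method starts and ends outside the hunk.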