upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

Merge pull request #59155 from nextcloud/backport/59079/stable33

Browse source 
[stable33] fix(oauth2): Do not store the code in throttle metadata
This commit is contained in:
Côme Chilliet 2026-04-07 16:36:26 +02:00 committed by GitHub
commit 0ec2177370
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apps/oauth2/lib/Controller/OauthApiController.php
View file

@ -93,7 +93,7 @@ class OauthApiController extends Controller {
$response = new JSONResponse([
'error' => 'invalid_request',
], Http::STATUS_BAD_REQUEST);
$response->throttle(['invalid_request' => 'token not found', 'code' => $code]);
$response->throttle(['invalid_request' => 'token not found']);
return $response;
}

4
apps/oauth2/tests/Controller/OauthApiControllerTest.php
View file

@ -98,7 +98,7 @@ class OauthApiControllerTest extends TestCase {
$expected = new JSONResponse([
'error' => 'invalid_request',
], Http::STATUS_BAD_REQUEST);
$expected->throttle(['invalid_request' => 'token not found', 'code' => 'invalidcode']);
$expected->throttle(['invalid_request' => 'token not found']);
$this->accessTokenMapper->method('getByCode')
->with('invalidcode')
@ -194,7 +194,7 @@ class OauthApiControllerTest extends TestCase {
$expected = new JSONResponse([
'error' => 'invalid_request',
], Http::STATUS_BAD_REQUEST);
$expected->throttle(['invalid_request' => 'token not found', 'code' => 'invalidrefresh']);
$expected->throttle(['invalid_request' => 'token not found']);
$this->accessTokenMapper->method('getByCode')
->with('invalidrefresh')