mirror of
https://github.com/nextcloud/server.git
synced 2026-06-12 10:10:49 -04:00
Merge pull request #49098 from nextcloud/backport/48933/stable30
[stable30] Clear pending two factor tokens also from configuration
This commit is contained in:
Richard Steinmetz
GitHub
commit
442d036ac9
2 changed files with 65 additions and 1 deletions
|
|
@ -12,6 +12,7 @@ use BadMethodCallException;
|
|||
use Exception;
|
||||
use OC\Authentication\Token\IProvider as TokenProvider;
|
||||
use OCP\Activity\IManager;
|
||||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\Exceptions\InvalidTokenException;
|
||||
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
|
||||
|
|
@ -366,7 +367,12 @@ class Manager {
|
|||
$tokensNeeding2FA = $this->config->getUserKeys($userId, 'login_token_2fa');
|
||||
|
||||
foreach ($tokensNeeding2FA as $tokenId) {
|
||||
$this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
|
||||
$this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
|
||||
|
||||
try {
|
||||
$this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
|
||||
} catch (DoesNotExistException $e) {
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -15,6 +15,7 @@ use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor;
|
|||
use OC\Authentication\TwoFactorAuth\ProviderLoader;
|
||||
use OCP\Activity\IEvent;
|
||||
use OCP\Activity\IManager;
|
||||
use OCP\AppFramework\Db\DoesNotExistException;
|
||||
use OCP\AppFramework\Utility\ITimeFactory;
|
||||
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
|
||||
use OCP\Authentication\TwoFactorAuth\IProvider;
|
||||
|
|
@ -701,4 +702,61 @@ class ManagerTest extends TestCase {
|
|||
|
||||
$this->assertFalse($this->manager->needsSecondFactor($user));
|
||||
}
|
||||
|
||||
public function testClearTwoFactorPending() {
|
||||
$this->config->method('getUserKeys')
|
||||
->with('theUserId', 'login_token_2fa')
|
||||
->willReturn([
|
||||
'42', '43', '44'
|
||||
]);
|
||||
|
||||
$this->config->expects($this->exactly(3))
|
||||
->method('deleteUserValue')
|
||||
->withConsecutive(
|
||||
['theUserId', 'login_token_2fa', '42'],
|
||||
['theUserId', 'login_token_2fa', '43'],
|
||||
['theUserId', 'login_token_2fa', '44'],
|
||||
);
|
||||
|
||||
$this->tokenProvider->expects($this->exactly(3))
|
||||
->method('invalidateTokenById')
|
||||
->withConsecutive(
|
||||
['theUserId', 42],
|
||||
['theUserId', 43],
|
||||
['theUserId', 44],
|
||||
);
|
||||
|
||||
$this->manager->clearTwoFactorPending('theUserId');
|
||||
}
|
||||
|
||||
public function testClearTwoFactorPendingTokenDoesNotExist() {
|
||||
$this->config->method('getUserKeys')
|
||||
->with('theUserId', 'login_token_2fa')
|
||||
->willReturn([
|
||||
'42', '43', '44'
|
||||
]);
|
||||
|
||||
$this->config->expects($this->exactly(3))
|
||||
->method('deleteUserValue')
|
||||
->withConsecutive(
|
||||
['theUserId', 'login_token_2fa', '42'],
|
||||
['theUserId', 'login_token_2fa', '43'],
|
||||
['theUserId', 'login_token_2fa', '44'],
|
||||
);
|
||||
|
||||
$this->tokenProvider->expects($this->exactly(3))
|
||||
->method('invalidateTokenById')
|
||||
->withConsecutive(
|
||||
['theUserId', 42],
|
||||
['theUserId', 43],
|
||||
['theUserId', 44],
|
||||
)
|
||||
->willReturnCallback(function ($user, $tokenId) {
|
||||
if ($tokenId === 43) {
|
||||
throw new DoesNotExistException('token does not exist');
|
||||
}
|
||||
});
|
||||
|
||||
$this->manager->clearTwoFactorPending('theUserId');
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue