upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

Handle one time password better

Browse source 
Signed-off-by: Carl Schwan <carl@carlschwan.eu>
This commit is contained in:
Carl Schwan 2022-07-13 15:27:55 +02:00
parent 22de243247
commit 702445ba3b
No known key found for this signature in database
GPG key ID: C3AA6B3A5EFA7AC5
2 changed files with 10 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
lib/private/Authentication/Token/PublicKeyTokenProvider.php
View file

@ -401,7 +401,7 @@ class PublicKeyTokenProvider implements IProvider {
$this->cache->clear();
// prevent setting an empty pw as result of pw-less-login
if ($password === '') {
if ($password === '' || !$this->config->getSystemValueBool('auth.storeCryptedPassword', true)) {
return;
}

10
tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
View file

@ -98,7 +98,7 @@ class PublicKeyTokenProviderTest extends TestCase {
$this->assertSame($password, $this->tokenProvider->getPassword($actual, $token));
}
public function testGenerateTokenNoPassword() {
public function testGenerateTokenNoPassword(): void {
$token = 'token';
$uid = 'user';
$user = 'User';
@ -171,6 +171,10 @@ class PublicKeyTokenProviderTest extends TestCase {
->method('updateActivity')
->with($tk, $this->time);
$tk->setLastActivity($this->time - 200);
$this->config->method('getSystemValueBool')
->willReturnMap([
['auth.storeCryptedPassword', true, true],
]);
$this->tokenProvider->updateTokenActivity($tk);
@ -578,6 +582,10 @@ class PublicKeyTokenProviderTest extends TestCase {
'random2',
IToken::PERMANENT_TOKEN,
IToken::REMEMBER);
$this->config->method('getSystemValueBool')
->willReturnMap([
['auth.storeCryptedPassword', true, true],
]);
$this->mapper->method('hasExpiredTokens')
->with($uid)