upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-06-06 23:34:22 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 28

Merge pull request #45191 from nextcloud/backport/45093/stable28

Browse source 
[stable28] fix(session): Avoid race condition for cache::get() vs. cache::hasKey()
This commit is contained in:
Joas Schilling 2024-05-06 16:30:06 +02:00 committed by GitHub
commit 9517e56ec9
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
lib/private/Authentication/Token/PublicKeyTokenProvider.php
View file

@ -192,11 +192,11 @@ class PublicKeyTokenProvider implements IProvider {
*/
private function getTokenFromCache(string $tokenHash): ?PublicKeyToken {
$serializedToken = $this->cache->get($tokenHash);
if (null === $serializedToken) {
if ($this->cache->hasKey($tokenHash)) {
throw new InvalidTokenException('Token does not exist: ' . $tokenHash);
}
if ($serializedToken === false) {
throw new InvalidTokenException('Token does not exist: ' . $tokenHash);
}
if ($serializedToken === null) {
return null;
}
@ -211,9 +211,9 @@ class PublicKeyTokenProvider implements IProvider {
$this->cache->set($token->getToken(), serialize($token), self::TOKEN_CACHE_TTL);
}
private function cacheInvalidHash(string $tokenHash) {
private function cacheInvalidHash(string $tokenHash): void {
// Invalid entries can be kept longer in cache since its unlikely to reuse them
$this->cache->set($tokenHash, null, self::TOKEN_CACHE_TTL * 2);
$this->cache->set($tokenHash, false, self::TOKEN_CACHE_TTL * 2);
}
public function getTokenById(int $tokenId): OCPIToken {