From 2f21eaaf47192fb6381eed183cbefb7e0d6ce01b Mon Sep 17 00:00:00 2001
From: Joas Schilling
Date: Wed, 21 Dec 2016 09:51:21 +0100
Subject: [PATCH 1/4] Use login name to fix password confirm with ldap users
Signed-off-by: Joas Schilling
---
 core/Controller/LoginController.php | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/core/Controller/LoginController.php b/core/Controller/LoginController.php
index b6add48ef61..3c81ed5242a 100644
--- a/core/Controller/LoginController.php
+++ b/core/Controller/LoginController.php
@@ -298,14 +298,10 @@ class LoginController extends Controller {
 $currentDelay = $this->throttler->getDelay($this->request->getRemoteAddress());
 $this->throttler->sleepDelay($this->request->getRemoteAddress());
- $user = $this->userSession->getUser();
- if (!$user instanceof IUser) {
- return new DataResponse([], Http::STATUS_UNAUTHORIZED);
- }
-
- $loginResult = $this->userManager->checkPassword($user->getUID(), $password);
+ $loginName = $this->userSession->getLoginName();
+ $loginResult = $this->userManager->checkPassword($loginName, $password);
 if ($loginResult === false) {
- $this->throttler->registerAttempt('sudo', $this->request->getRemoteAddress(), ['user' => $user->getUID()]);
+ $this->throttler->registerAttempt('sudo', $this->request->getRemoteAddress(), ['user' => $loginName]);
 if ($currentDelay === 0) {
 $this->throttler->sleepDelay($this->request->getRemoteAddress());
 }
From 5aa388bbe291a31fe96dc03836bc1c6822839109 Mon Sep 17 00:00:00 2001
From: Joas Schilling
Date: Wed, 21 Dec 2016 10:53:20 +0100
Subject: [PATCH 2/4] Make sure the loginname is set when logging in via cookie
Signed-off-by: Joas Schilling
---
 lib/private/User/Session.php | 1 +
 1 file changed, 1 insertion(+)
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index dcda825b9db..1834bd025d1 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
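Review bot: In the LoginController.php hunk the removed `$user instanceof IUser` check was the only guard for a session without a resolved user, and the new code passes the result of `getLoginName()` straight to `checkPassword()`. The second patch in this series shows a login path (cookie login) where the login name was not set, so other paths may leave it unset as well; whether `getLoginName()` can return null is not visible here. I would keep an explicit guard before the password check, `if ($loginName === null) { return new DataResponse([], Http::STATUS_UNAUTHORIZED); }`, so the request is rejected and no throttle entry with an empty `user` is recorded. The enclosing method starts and ends outside the hunk.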
@@ -743,6 +743,7 @@ class Session implements IUserSession, Emitter { //login $this->setUser($user); + $this->setLoginName($this->tokenProvider->getToken($sessionId)->getLoginName()); $user->updateLastLoginTimestamp(); $this->manager->emit('\OC\User', 'postRememberedLogin', [$user]); return true; From 6acfea61d0a1efd34040b45e7a3f985759125096 Mon Sep 17 00:00:00 2001 From: Joas Schilling Date: Thu, 5 Jan 2017 12:16:50 +0100 Subject: [PATCH 3/4] Fix tests Signed-off-by: Joas Schilling --- tests/lib/User/SessionTest.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/tests/lib/User/SessionTest.php b/tests/lib/User/SessionTest.php index 27cb92d6732..51560d78a6a 100644 --- a/tests/lib/User/SessionTest.php +++ b/tests/lib/User/SessionTest.php @@ -528,7 +528,7 @@ class SessionTest extends \Test\TestCase { ->getMock(); $userSession = $this->getMockBuilder(Session::class) //override, otherwise tests will fail because of setcookie() - ->setMethods(['setMagicInCookie']) + ->setMethods(['setMagicInCookie', 'setLoginName']) ->setConstructorArgs([$manager, $session, $this->timeFactory, $this->tokenProvider, $this->config, $this->random]) ->getMock(); @@ -566,6 +566,15 @@ class SessionTest extends \Test\TestCase { ->with($oldSessionId, $sessionId) ->will($this->returnValue(true)); + $tokenObject = $this->createMock(IToken::class); + $tokenObject->expects($this->once()) + ->method('getLoginName') + ->willReturn('foobar'); + $this->tokenProvider->expects($this->once()) + ->method('getToken') + ->with($sessionId) + ->willReturn($tokenObject); + $user->expects($this->any()) ->method('getUID') ->will($this->returnValue('foo')); @@ -576,6 +585,9 @@ class SessionTest extends \Test\TestCase { $session->expects($this->once()) ->method('set') ->with('user_id', 'foo'); + $userSession->expects($this->once()) + ->method('setLoginName') + ->willReturn('foobar'); $granted = $userSession->loginWithCookie('foo', $token, $oldSessionId); 
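Review bot: In the Session.php hunk the token lookup `$this->tokenProvider->getToken($sessionId)->getLoginName()` runs after `$this->setUser($user)`, so if the lookup fails the session already carries the user but no login name, and the remaining login steps are skipped. How `getToken()` reports a missing or invalid token is not visible in this hunk. Resolving the token first, `$token = $this->tokenProvider->getToken($sessionId);` above `setUser()` and then `$this->setLoginName($token->getLoginName());`, keeps a failed lookup from leaving a half-initialised session. The enclosing method starts and ends outside the hunk.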
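Review bot: In the last SessionTest.php hunk the `setLoginName` expectation ends in `->willReturn('foobar')` and has no `->with(...)`, so the test passes whatever value ends up stored as the login name. Since the token mock returns `'foobar'` from `getLoginName()`, the expectation should pin the argument: `->method('setLoginName')->with('foobar');`. As written the test only checks that the setter was called once, which would not catch the wrong name being stored for later password confirmation. The test method starts and ends outside the hunk.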
From 7ba665b11d226482754d4414ec032f005136aa05 Mon Sep 17 00:00:00 2001
From: Joas Schilling
Date: Thu, 5 Jan 2017 12:17:01 +0100
Subject: [PATCH 4/4] Remove warning
Signed-off-by: Joas Schilling
---
 tests/lib/UserTest.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/lib/UserTest.php b/tests/lib/UserTest.php
index 7a033c2921e..2a477522dea 100644
--- a/tests/lib/UserTest.php
+++ b/tests/lib/UserTest.php
@@ -25,7 +25,7 @@ class UserTest extends TestCase {
 protected function setUp(){
 parent::setUp();
- $this->backend = $this->getMock('\Test\Util\User\Dummy');
+ $this->backend = $this->createMock(\Test\Util\User\Dummy::class);
 $manager = \OC::$server->getUserManager();
 $manager->registerBackend($this->backend);
 }