upstream/nextcloud
1
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2026-05-28 04:32:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 25

Merge pull request #60575 from nextcloud/backport/60547/stable32

Browse source 
[stable32] fix: don't tell the remote their token is lower
This commit is contained in:
Stephan Orbaugh 2026-05-20 16:38:53 +02:00 committed by GitHub
commit d0c2d97202
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
apps/federation/lib/Controller/OCSAuthAPIController.php
View file

@ -109,7 +109,7 @@ class OCSAuthAPIController extends OCSController {
$this->logger->info(
'remote server (' . $url . ') presented lower token. We will initiate the exchange of the shared secret.'
);
throw new OCSForbiddenException();
return new DataResponse();
}
$this->jobList->add(

5
apps/federation/tests/Controller/OCSAuthAPIControllerTest.php
View file

@ -90,9 +90,9 @@ class OCSAuthAPIControllerTest extends TestCase {
try {
$this->ocsAuthApi->requestSharedSecret($url, $token);
$this->assertTrue($ok);
$this->assertTrue($isTrustedServer);
} catch (OCSForbiddenException $e) {
$this->assertFalse($ok);
$this->assertFalse($isTrustedServer);
}
}
@ -144,7 +144,6 @@ class OCSAuthAPIControllerTest extends TestCase {
try {
$result = $ocsAuthApi->getSharedSecret($url, $token);
$this->assertTrue($ok);
$data = $result->getData();
$this->assertSame('secret', $data['sharedSecret']);
} catch (OCSForbiddenException $e) {