Fix missing login hook wih Apache/SAML

Without this patch the hook does not transport the information whether the login is
done with an app password or not. The suspicious login app requires the parameter
to function correctly, hence adding it will make suspicious login detection also possible
with SAML users.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>

diff --git a/lib/private/legacy/user.php b/lib/private/legacy/user.php
index f1c233819875d16fa0d77dd615765e14cb91c0e9..175c8f2e5d6972d5e6b11d0273fc85b518d433a8 100644 (file)
--- a/lib/private/legacy/user.php
+++ b/lib/private/legacy/user.php
@@ -181,7 +181,15 @@ class OC_User {
                                // completed before we can safely create the users folder.
                                // For example encryption needs to initialize the users keys first
                                // before we can create the user folder with the skeleton files
-                               OC_Hook::emit("OC_User", "post_login", array("uid" => $uid, 'password' => ''));
+                               OC_Hook::emit(
+                                       'OC_User',
+                                       'post_login',
+                                       [
+                                               'uid' => $uid,
+                                               'password' => '',
+                                               'isTokenLogin' => false,
+                                       ]
+                               );
                                //trigger creation of user home and /files folder
                                \OC::$server->getUserFolder($uid);
                        }