fix: Clear pending two factor tokens also from configuration

Otherwise as the tokens were removed from the database but not from the
configuration the next time that the tokens were cleared the previous
tokens were still got from the configuration, and trying to remove them
again from the database ended in a DoesNotExistException being thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index 072ffc4f86fae88f64b4ab4ff05fc0dd93366da8..74a19ebc718443bd6699212d117344ec67fd7054 100644 (file)
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -366,6 +366,8 @@ class Manager {
                $tokensNeeding2FA = $this->config->getUserKeys($userId, 'login_token_2fa');
 
                foreach ($tokensNeeding2FA as $tokenId) {
+                       $this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
+
                        $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
                }
        }

diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
index 7701cb68302cae5a2296bcec0557a8394b2e5dc4..de761aa6dc2615e6595cc865e7e2d9e56eb6d0eb 100644 (file)
--- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
+++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
@@ -701,4 +701,30 @@ class ManagerTest extends TestCase {
 
                $this->assertFalse($this->manager->needsSecondFactor($user));
        }
+
+       public function testClearTwoFactorPending() {
+               $this->config->method('getUserKeys')
+                       ->with('theUserId', 'login_token_2fa')
+                       ->willReturn([
+                               '42', '43', '44'
+                       ]);
+
+               $this->config->expects($this->exactly(3))
+                       ->method('deleteUserValue')
+                       ->withConsecutive(
+                               ['theUserId', 'login_token_2fa', '42'],
+                               ['theUserId', 'login_token_2fa', '43'],
+                               ['theUserId', 'login_token_2fa', '44'],
+                       );
+
+               $this->tokenProvider->expects($this->exactly(3))
+                       ->method('invalidateTokenById')
+                       ->withConsecutive(
+                               ['theUserId', 42],
+                               ['theUserId', 43],
+                               ['theUserId', 44],
+                       );
+
+               $this->manager->clearTwoFactorPending('theUserId');
+       }
 }