fix: Clear pending two factor tokens also from configuration

Otherwise as the tokens were removed from the database but not from the
configuration the next time that the tokens were cleared the previous
tokens were still got from the configuration, and trying to remove them
again from the database ended in a DoesNotExistException being thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index 3722b4506812cf39cc7604b43cdf303cf22781c9..209b32d46a328beddfe624d8820c080d0b3ec93a 100644 (file)
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -385,6 +385,8 @@ class Manager {
                $tokensNeeding2FA = $this->config->getUserKeys($userId, 'login_token_2fa');
 
                foreach ($tokensNeeding2FA as $tokenId) {
+                       $this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
+
                        $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
                }
        }

diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
index a2655f58649e550a088db4ee11dcce18342ad509..c741ff068ac59bfb46c29aa9117f4743da9be7ca 100644 (file)
--- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
+++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
@@ -715,4 +715,30 @@ class ManagerTest extends TestCase {
 
                $this->assertFalse($this->manager->needsSecondFactor($user));
        }
+
+       public function testClearTwoFactorPending() {
+               $this->config->method('getUserKeys')
+                       ->with('theUserId', 'login_token_2fa')
+                       ->willReturn([
+                               '42', '43', '44'
+                       ]);
+
+               $this->config->expects($this->exactly(3))
+                       ->method('deleteUserValue')
+                       ->withConsecutive(
+                               ['theUserId', 'login_token_2fa', '42'],
+                               ['theUserId', 'login_token_2fa', '43'],
+                               ['theUserId', 'login_token_2fa', '44'],
+                       );
+
+               $this->tokenProvider->expects($this->exactly(3))
+                       ->method('invalidateTokenById')
+                       ->withConsecutive(
+                               ['theUserId', 42],
+                               ['theUserId', 43],
+                               ['theUserId', 44],
+                       );
+
+               $this->manager->clearTwoFactorPending('theUserId');
+       }
 }