]> source.dussan.org Git - nextcloud-server.git/commitdiff
fix: Handle exception when clearing previously removed two factor tokens backport/48933/stable29 49097/head
authorDaniel Calviño Sánchez <danxuliu@gmail.com>
Mon, 28 Oct 2024 09:15:16 +0000 (10:15 +0100)
committerbackportbot[bot] <backportbot[bot]@users.noreply.github.com>
Tue, 5 Nov 2024 10:49:31 +0000 (10:49 +0000)
If a token was already removed from the database but not from the
configuration clearing the tokens will try to remove it again from the
database, which caused a DoesNotExistException to be thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
lib/private/Authentication/TwoFactorAuth/Manager.php
tests/lib/Authentication/TwoFactorAuth/ManagerTest.php

index 209b32d46a328beddfe624d8820c080d0b3ec93a..d3d5486da9471147a2f271eeca13c3e324d9e0fa 100644 (file)
@@ -31,6 +31,7 @@ use BadMethodCallException;
 use Exception;
 use OC\Authentication\Token\IProvider as TokenProvider;
 use OCP\Activity\IManager;
+use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Authentication\Exceptions\InvalidTokenException;
 use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
@@ -387,7 +388,10 @@ class Manager {
                foreach ($tokensNeeding2FA as $tokenId) {
                        $this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
 
-                       $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
+                       try {
+                               $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
+                       } catch (DoesNotExistException $e) {
+                       }
                }
        }
 }
index c741ff068ac59bfb46c29aa9117f4743da9be7ca..23ae5d93fdda374b179f67403905317fc3834b6b 100644 (file)
@@ -29,6 +29,7 @@ use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor;
 use OC\Authentication\TwoFactorAuth\ProviderLoader;
 use OCP\Activity\IEvent;
 use OCP\Activity\IManager;
+use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
 use OCP\Authentication\TwoFactorAuth\IProvider;
@@ -741,4 +742,35 @@ class ManagerTest extends TestCase {
 
                $this->manager->clearTwoFactorPending('theUserId');
        }
+
+       public function testClearTwoFactorPendingTokenDoesNotExist() {
+               $this->config->method('getUserKeys')
+                       ->with('theUserId', 'login_token_2fa')
+                       ->willReturn([
+                               '42', '43', '44'
+                       ]);
+
+               $this->config->expects($this->exactly(3))
+                       ->method('deleteUserValue')
+                       ->withConsecutive(
+                               ['theUserId', 'login_token_2fa', '42'],
+                               ['theUserId', 'login_token_2fa', '43'],
+                               ['theUserId', 'login_token_2fa', '44'],
+                       );
+
+               $this->tokenProvider->expects($this->exactly(3))
+                       ->method('invalidateTokenById')
+                       ->withConsecutive(
+                               ['theUserId', 42],
+                               ['theUserId', 43],
+                               ['theUserId', 44],
+                       )
+                       ->willReturnCallback(function ($user, $tokenId) {
+                               if ($tokenId === 43) {
+                                       throw new DoesNotExistException('token does not exist');
+                               }
+                       });
+
+               $this->manager->clearTwoFactorPending('theUserId');
+       }
 }