fix: Clear pending two factor tokens also from configuration

Otherwise as the tokens were removed from the database but not from the
configuration the next time that the tokens were cleared the previous
tokens were still got from the configuration, and trying to remove them
again from the database ended in a DoesNotExistException being thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index 3870c797f8dcf3626c955f1e1488507d515b3128..9611bdec659d3e9fdb8f53c9387b26c0d51e7778 100644 (file)
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -385,6 +385,8 @@ class Manager {
                $tokensNeeding2FA = $this->config->getUserKeys($userId, 'login_token_2fa');
 
                foreach ($tokensNeeding2FA as $tokenId) {
+                       $this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
+
                        $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
                }
        }

diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
index a2655f58649e550a088db4ee11dcce18342ad509..c741ff068ac59bfb46c29aa9117f4743da9be7ca 100644 (file)
--- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
+++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
@@ -715,4 +715,30 @@ class ManagerTest extends TestCase {
 
                $this->assertFalse($this->manager->needsSecondFactor($user));
        }
+
+       public function testClearTwoFactorPending() {
+               $this->config->method('getUserKeys')
+                       ->with('theUserId', 'login_token_2fa')
+                       ->willReturn([
+                               '42', '43', '44'
+                       ]);
+
+               $this->config->expects($this->exactly(3))
+                       ->method('deleteUserValue')
+                       ->withConsecutive(
+                               ['theUserId', 'login_token_2fa', '42'],
+                               ['theUserId', 'login_token_2fa', '43'],
+                               ['theUserId', 'login_token_2fa', '44'],
+                       );
+
+               $this->tokenProvider->expects($this->exactly(3))
+                       ->method('invalidateTokenById')
+                       ->withConsecutive(
+                               ['theUserId', 42],
+                               ['theUserId', 43],
+                               ['theUserId', 44],
+                       );
+
+               $this->manager->clearTwoFactorPending('theUserId');
+       }
 }