Expire tokens hardening

Just to be sure that the field is also not 0

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>

diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index f6a6fc3455f3dccf215e81a9c069756c1caf8236..73bd7a711dca2568cb53528d09d988279f427c75 100644 (file)
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -80,7 +80,7 @@ class PublicKeyTokenProvider implements IProvider {
                        throw new InvalidTokenException();
                }
 
-               if ($token->getExpires() !== null && $token->getExpires() < $this->time->getTime()) {
+               if ($token->getExpires() !== null && $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
                        throw new ExpiredTokenException($token);
                }