fix(Auth): ignore missing token when trying to set password-unconfirmable

author Arthur Schiwon <blizzz@arthur-schiwon.de>

Mon, 30 Sep 2024 08:06:58 +0000 (10:06 +0200)

committer Arthur Schiwon <blizzz@arthur-schiwon.de>

Tue, 1 Oct 2024 13:55:13 +0000 (15:55 +0200)
author Arthur Schiwon <blizzz@arthur-schiwon.de>
Mon, 30 Sep 2024 08:06:58 +0000 (10:06 +0200)
committer Arthur Schiwon <blizzz@arthur-schiwon.de>
Tue, 1 Oct 2024 13:55:13 +0000 (15:55 +0200)
diff --git a/lib/private/legacy/OC_User.php b/lib/private/legacy/OC_User.php

index 8555258604d82df3c76af0d515812527675060e6..8a17927d1b7c674851b503ab46b3454481bd8978 100644 (file)
--- a/lib/private/legacy/OC_User.php
+++ b/lib/private/legacy/OC_User.php
@@ -38,12 +38,15 @@
  
  use OC\Authentication\Token\IProvider;
  use OC\User\LoginException;
+use OCP\Authentication\Exceptions\InvalidTokenException;
+use OCP\Authentication\Exceptions\WipeTokenException;
  use OCP\EventDispatcher\IEventDispatcher;
  use OCP\IGroupManager;
  use OCP\ISession;
  use OCP\IUser;
  use OCP\IUserManager;
  use OCP\Server;
+use OCP\Session\Exceptions\SessionNotAvailableException;
  use OCP\User\Events\BeforeUserLoggedInEvent;
  use OCP\User\Events\UserLoggedInEvent;
  use Psr\Log\LoggerInterface;
@@ -201,12 +204,17 @@ class OC_User {
  
                                 if (empty($password)) {
                                         $tokenProvider = \OC::$server->get(IProvider::class);
-                                       $token = $tokenProvider->getToken($userSession->getSession()->getId());
-                                       $token->setScope([
-                                               'password-unconfirmable' => true,
-                                               'filesystem' => true,
-                                       ]);
-                                       $tokenProvider->updateToken($token);
+                                       try {
+                                               $token = $tokenProvider->getToken($userSession->getSession()->getId());
+                                               $token->setScope([
+                                                       'password-unconfirmable' => true,
+                                                       'filesystem' => true,
+                                               ]);
+                                               $tokenProvider->updateToken($token);
+                                       } catch (InvalidTokenException|WipeTokenException|SessionNotAvailableException) {
+                                               // swallow the exceptions as we do not deal with them here
+                                               // simply skip updating the token when is it missing
+                                       }
                                 }
  
                                 // setup the filesystem
author	Arthur Schiwon <blizzz@arthur-schiwon.de>
	Mon, 30 Sep 2024 08:06:58 +0000 (10:06 +0200)
committer	Arthur Schiwon <blizzz@arthur-schiwon.de>
	Tue, 1 Oct 2024 13:55:13 +0000 (15:55 +0200)