fix: Handle exception when clearing previously removed two factor tokens

If a token was already removed from the database but not from the
configuration clearing the tokens will try to remove it again from the
database, which caused a DoesNotExistException to be thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>

diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php
index 9611bdec659d3e9fdb8f53c9387b26c0d51e7778..b066f00901fece16d2d9cd0ddf2106c2d222a79b 100644 (file)
--- a/lib/private/Authentication/TwoFactorAuth/Manager.php
+++ b/lib/private/Authentication/TwoFactorAuth/Manager.php
@@ -31,6 +31,7 @@ use BadMethodCallException;
 use Exception;
 use OC\Authentication\Token\IProvider as TokenProvider;
 use OCP\Activity\IManager;
+use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Authentication\Exceptions\InvalidTokenException;
 use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
@@ -387,7 +388,10 @@ class Manager {
                foreach ($tokensNeeding2FA as $tokenId) {
                        $this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
 
-                       $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
+                       try {
+                               $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
+                       } catch (DoesNotExistException $e) {
+                       }
                }
        }
 }

diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
index c741ff068ac59bfb46c29aa9117f4743da9be7ca..23ae5d93fdda374b179f67403905317fc3834b6b 100644 (file)
--- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
+++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php
@@ -29,6 +29,7 @@ use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor;
 use OC\Authentication\TwoFactorAuth\ProviderLoader;
 use OCP\Activity\IEvent;
 use OCP\Activity\IManager;
+use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
 use OCP\Authentication\TwoFactorAuth\IProvider;
@@ -741,4 +742,35 @@ class ManagerTest extends TestCase {
 
                $this->manager->clearTwoFactorPending('theUserId');
        }
+
+       public function testClearTwoFactorPendingTokenDoesNotExist() {
+               $this->config->method('getUserKeys')
+                       ->with('theUserId', 'login_token_2fa')
+                       ->willReturn([
+                               '42', '43', '44'
+                       ]);
+
+               $this->config->expects($this->exactly(3))
+                       ->method('deleteUserValue')
+                       ->withConsecutive(
+                               ['theUserId', 'login_token_2fa', '42'],
+                               ['theUserId', 'login_token_2fa', '43'],
+                               ['theUserId', 'login_token_2fa', '44'],
+                       );
+
+               $this->tokenProvider->expects($this->exactly(3))
+                       ->method('invalidateTokenById')
+                       ->withConsecutive(
+                               ['theUserId', 42],
+                               ['theUserId', 43],
+                               ['theUserId', 44],
+                       )
+                       ->willReturnCallback(function ($user, $tokenId) {
+                               if ($tokenId === 43) {
+                                       throw new DoesNotExistException('token does not exist');
+                               }
+                       });
+
+               $this->manager->clearTwoFactorPending('theUserId');
+       }
 }