From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Fri, 7 Sep 2018 08:01:31 +0000 (+0200)
Subject: Expire tokens hardening
X-Git-Tag: v14.0.1RC1~20^2
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=c83ac2472da15d85ad32c8ca72cb3e65b86a4bdb;p=nextcloud-server.git

Expire tokens hardening

Just to be sure that the field is also not 0

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---

diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index f6a6fc3455f..73bd7a711dc 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -80,7 +80,7 @@ class PublicKeyTokenProvider implements IProvider {
 			throw new InvalidTokenException();
 		}
 
-		if ($token->getExpires() !== null && $token->getExpires() < $this->time->getTime()) {
+		if ($token->getExpires() !== null && $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
 			throw new ExpiredTokenException($token);
 		}