From 702445ba3b454f14085710617ec09ce2134a56dc Mon Sep 17 00:00:00 2001
From: Carl Schwan <carl@carlschwan.eu>
Date: Wed, 13 Jul 2022 15:27:55 +0200
Subject: [PATCH] Handle one time password better

Signed-off-by: Carl Schwan <carl@carlschwan.eu>
---
 .../Authentication/Token/PublicKeyTokenProvider.php    |  2 +-
 .../Token/PublicKeyTokenProviderTest.php               | 10 +++++++++-
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index 96bf9a86087..26928025b23 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -401,7 +401,7 @@ class PublicKeyTokenProvider implements IProvider {
 		$this->cache->clear();
 
 		// prevent setting an empty pw as result of pw-less-login
-		if ($password === '') {
+		if ($password === '' || !$this->config->getSystemValueBool('auth.storeCryptedPassword', true)) {
 			return;
 		}
 
diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
index db61244db5b..1ef0aa80817 100644
--- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
+++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php
@@ -98,7 +98,7 @@ class PublicKeyTokenProviderTest extends TestCase {
 		$this->assertSame($password, $this->tokenProvider->getPassword($actual, $token));
 	}
 
-	public function testGenerateTokenNoPassword() {
+	public function testGenerateTokenNoPassword(): void {
 		$token = 'token';
 		$uid = 'user';
 		$user = 'User';
@@ -171,6 +171,10 @@ class PublicKeyTokenProviderTest extends TestCase {
 			->method('updateActivity')
 			->with($tk, $this->time);
 		$tk->setLastActivity($this->time - 200);
+		$this->config->method('getSystemValueBool')
+			->willReturnMap([
+				['auth.storeCryptedPassword', true, true],
+			]);
 
 		$this->tokenProvider->updateTokenActivity($tk);
 
@@ -578,6 +582,10 @@ class PublicKeyTokenProviderTest extends TestCase {
 			'random2',
 			IToken::PERMANENT_TOKEN,
 			IToken::REMEMBER);
+		$this->config->method('getSystemValueBool')
+			->willReturnMap([
+				['auth.storeCryptedPassword', true, true],
+			]);
 
 		$this->mapper->method('hasExpiredTokens')
 			->with($uid)
-- 
2.39.5