From 9aa992e60b63a80188a5bdf4106b746fd8fef19c Mon Sep 17 00:00:00 2001
From: Sergej Nikolaev
Date: Fri, 4 Oct 2019 03:28:48 +0300
Subject: [PATCH] fix updating and deleting authtokens
Signed-off-by: Sergej Nikolaev
---
 .../lib/Controller/AuthSettingsController.php | 8 +++-
 .../Controller/AuthSettingsControllerTest.php | 45 +++++++++++++++++++
 2 files changed, 51 insertions(+), 2 deletions(-)
diff --git a/apps/settings/lib/Controller/AuthSettingsController.php b/apps/settings/lib/Controller/AuthSettingsController.php
index b948cd5065d..8325c911283 100644
--- a/apps/settings/lib/Controller/AuthSettingsController.php
+++ b/apps/settings/lib/Controller/AuthSettingsController.php
@@ -29,6 +29,7 @@ namespace OCA\Settings\Controller;
 use BadMethodCallException;
 use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\ExpiredTokenException;
 use OC\Authentication\Exceptions\PasswordlessTokenException;
 use OC\Authentication\Exceptions\WipeTokenException;
 use OC\Authentication\Token\INamedToken;
@@ -259,10 +260,13 @@ class AuthSettingsController extends Controller {
 * @param int $id
 * @return IToken
 * @throws InvalidTokenException
- * @throws \OC\Authentication\Exceptions\ExpiredTokenException
 */
 private function findTokenByIdAndUser(int $id): IToken {
- $token = $this->tokenProvider->getTokenById($id);
+ try {
+ $token = $this->tokenProvider->getTokenById($id);
+ } catch (ExpiredTokenException $e) {
+ $token = $e->getToken();
+ }
 if ($token->getUID() !== $this->uid) {
 throw new InvalidTokenException('This token does not belong to you!');
 }
diff --git a/apps/settings/tests/Controller/AuthSettingsControllerTest.php b/apps/settings/tests/Controller/AuthSettingsControllerTest.php
index 88913b1f03f..40000e19171 100644
--- a/apps/settings/tests/Controller/AuthSettingsControllerTest.php
+++ b/apps/settings/tests/Controller/AuthSettingsControllerTest.php
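Review bot: findTokenByIdAndUser in AuthSettingsController.php now returns expired tokens to every caller, and with the `@throws ExpiredTokenException` line dropped its docblock no longer mentions expiry at all. I would add a docblock sentence such as `Expired tokens are returned as well so they can still be updated or deleted; the ownership check applies to them too.` The UID comparison staying outside the `try` is what keeps the exception path safe, so a one-line comment in the catch, `// expired token: still subject to the ownership check below`, would guard against a later refactor moving it. Callers other than update and destroy are not visible here, and the function's closing lines lie outside the hunk, so it is worth confirming that none of them should still reject an expired token.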
@@ -23,6 +23,7 @@ namespace Test\Settings\Controller;
 use OC\AppFramework\Http;
 use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\ExpiredTokenException;
 use OC\Authentication\Token\DefaultToken;
 use OC\Authentication\Token\IProvider;
 use OC\Authentication\Token\IToken;
@@ -188,6 +189,30 @@ class AuthSettingsControllerTest extends TestCase {
 $this->assertEquals([], $this->controller->destroy($tokenId));
 }
+ public function testDestroyExpired() {
+ $tokenId = 124;
+ $token = $this->createMock(DefaultToken::class);
+
+ $token->expects($this->exactly(2))
+ ->method('getId')
+ ->willReturn($tokenId);
+
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn($this->uid);
+
+ $this->tokenProvider->expects($this->once())
+ ->method('getTokenById')
+ ->with($this->equalTo($tokenId))
+ ->willThrowException(new ExpiredTokenException($token));
+
+ $this->tokenProvider->expects($this->once())
+ ->method('invalidateTokenById')
+ ->with($this->uid, $tokenId);
+
+ $this->assertSame([], $this->controller->destroy($tokenId));
+ }
+
 public function testDestroyWrongUser() {
 $tokenId = 124;
 $token = $this->createMock(DefaultToken::class);
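Review bot: testDestroyExpired only covers an expired token owned by the caller; no test exercises an expired token whose getUID() differs from `$this->uid`. That is the case the ownership check in findTokenByIdAndUser must reject now that the token can arrive through ExpiredTokenException. I would add a wrong-user variant that expects `invalidateTokenById` never to be called, and a matching one for `updateToken` beside testUpdateExpired in the later hunk. Separately, `exactly(2)` on getId pins an internal call count and will fail on harmless refactors; `$token->method('getId')->willReturn($tokenId);` would be enough.

```php
	public function testDestroyExpiredWrongUser() {
		$tokenId = 124;
		$token = $this->createMock(DefaultToken::class);

		// constructed value; it only has to differ from $this->uid
		$token->method('getUID')
			->willReturn('someone-else');

		$this->tokenProvider->expects($this->once())
			->method('getTokenById')
			->with($this->equalTo($tokenId))
			->willThrowException(new ExpiredTokenException($token));

		// the ownership check must also hold for a token delivered via the exception
		$this->tokenProvider->expects($this->never())
			->method('invalidateTokenById');

		$this->controller->destroy($tokenId);
		// … assert the same error response as testDestroyWrongUser …
	}
```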
@@ -320,6 +345,26 @@ class AuthSettingsControllerTest extends TestCase {
 $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
 }
+ public function testUpdateExpired() {
+ $tokenId = 42;
+ $token = $this->createMock(DefaultToken::class);
+
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn($this->uid);
+
+ $this->tokenProvider->expects($this->once())
+ ->method('getTokenById')
+ ->with($this->equalTo($tokenId))
+ ->willThrowException(new ExpiredTokenException($token));
+
+ $this->tokenProvider->expects($this->once())
+ ->method('updateToken')
+ ->with($this->equalTo($token));
+
+ $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
+ }
+
 public function testUpdateTokenWrongUser() {
 $tokenId = 42;
 $token = $this->createMock(DefaultToken::class);
-- 
2.39.5