Browse Source
Throw an invalid token exception is token is marked outdated
This avoids hitting the backend with multiple requests for the same token. And will help avoid quick LDAP lockouts. Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>tags/v18.0.0beta1
Roeland Jago Douma
4 years ago
4 changed files with 42 additions and 0 deletions
+ 1
- 0
lib/composer/composer/autoload_classmap.php
View File
| @@ -559,6 +559,7 @@ return array( | |||
| 'OC\\Authentication\\Exceptions\\LoginRequiredException' => $baseDir . '/lib/private/Authentication/Exceptions/LoginRequiredException.php', | |||
| 'OC\\Authentication\\Exceptions\\PasswordLoginForbiddenException' => $baseDir . '/lib/private/Authentication/Exceptions/PasswordLoginForbiddenException.php', | |||
| 'OC\\Authentication\\Exceptions\\PasswordlessTokenException' => $baseDir . '/lib/private/Authentication/Exceptions/PasswordlessTokenException.php', | |||
| 'OC\\Authentication\\Exceptions\\TokenPasswordExpiredException' => $baseDir . '/lib/private/Authentication/Exceptions/TokenPasswordExpiredException.php', | |||
| 'OC\\Authentication\\Exceptions\\TwoFactorAuthRequiredException' => $baseDir . '/lib/private/Authentication/Exceptions/TwoFactorAuthRequiredException.php', | |||
| 'OC\\Authentication\\Exceptions\\UserAlreadyLoggedInException' => $baseDir . '/lib/private/Authentication/Exceptions/UserAlreadyLoggedInException.php', | |||
| 'OC\\Authentication\\Exceptions\\WipeTokenException' => $baseDir . '/lib/private/Authentication/Exceptions/WipeTokenException.php', | |||
+ 1
- 0
lib/composer/composer/autoload_static.php
View File
| @@ -588,6 +588,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c | |||
| 'OC\\Authentication\\Exceptions\\LoginRequiredException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/LoginRequiredException.php', | |||
| 'OC\\Authentication\\Exceptions\\PasswordLoginForbiddenException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/PasswordLoginForbiddenException.php', | |||
| 'OC\\Authentication\\Exceptions\\PasswordlessTokenException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/PasswordlessTokenException.php', | |||
| 'OC\\Authentication\\Exceptions\\TokenPasswordExpiredException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/TokenPasswordExpiredException.php', | |||
| 'OC\\Authentication\\Exceptions\\TwoFactorAuthRequiredException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/TwoFactorAuthRequiredException.php', | |||
| 'OC\\Authentication\\Exceptions\\UserAlreadyLoggedInException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/UserAlreadyLoggedInException.php', | |||
| 'OC\\Authentication\\Exceptions\\WipeTokenException' => __DIR__ . '/../../..' . '/lib/private/Authentication/Exceptions/WipeTokenException.php', | |||
+ 29
- 0
lib/private/Authentication/Exceptions/TokenPasswordExpiredException.php
View File
| @@ -0,0 +1,29 @@ | |||
| <?php | |||
| declare(strict_types=1); | |||
| /** | |||
| * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl> | |||
| * | |||
| * @author Roeland Jago Douma <roeland@famdouma.nl> | |||
| * | |||
| * @license GNU AGPL version 3 or any later version | |||
| * | |||
| * This program is free software: you can redistribute it and/or modify | |||
| * it under the terms of the GNU Affero General Public License as | |||
| * published by the Free Software Foundation, either version 3 of the | |||
| * License, or (at your option) any later version. | |||
| * | |||
| * This program is distributed in the hope that it will be useful, | |||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |||
| * GNU Affero General Public License for more details. | |||
| * | |||
| * You should have received a copy of the GNU Affero General Public License | |||
| * along with this program. If not, see <http://www.gnu.org/licenses/>. | |||
| * | |||
| */ | |||
| namespace OC\Authentication\Exceptions; | |||
| class TokenPasswordExpiredException extends ExpiredTokenException { | |||
| } | |||
+ 11
- 0
lib/private/Authentication/Token/PublicKeyTokenProvider.php
View File
| @@ -25,6 +25,7 @@ namespace OC\Authentication\Token; | |||
| use OC\Authentication\Exceptions\ExpiredTokenException; | |||
| use OC\Authentication\Exceptions\InvalidTokenException; | |||
| use OC\Authentication\Exceptions\TokenPasswordExpiredException; | |||
| use OC\Authentication\Exceptions\PasswordlessTokenException; | |||
| use OC\Authentication\Exceptions\WipeTokenException; | |||
| use OC\Cache\CappedMemoryCache; | |||
| @@ -108,6 +109,11 @@ class PublicKeyTokenProvider implements IProvider { | |||
| throw new WipeTokenException($token); | |||
| } | |||
| if ($token->getPasswordInvalid() === true) { | |||
| //The password is invalid we should throw an TokenPasswordExpiredException | |||
| throw new TokenPasswordExpiredException($token); | |||
| } | |||
| return $token; | |||
| } | |||
| @@ -126,6 +132,11 @@ class PublicKeyTokenProvider implements IProvider { | |||
| throw new WipeTokenException($token); | |||
| } | |||
| if ($token->getPasswordInvalid() === true) { | |||
| //The password is invalid we should throw an TokenPasswordExpiredException | |||
| throw new TokenPasswordExpiredException($token); | |||
| } | |||
| return $token; | |||
| } | |||
Loading…