@@ -150,6 +150,23 @@ class DefaultTokenProvider implements IProvider { | |||
return $this->decryptPassword($password, $tokenId); | |||
} | |||
/** | |||
* Encrypt and set the password of the given token | |||
* | |||
* @param IToken $token | |||
* @param string $tokenId | |||
* @param string $password | |||
* @throws InvalidTokenException | |||
*/ | |||
public function setPassword(IToken $token, $tokenId, $password) { | |||
if (!($token instanceof DefaultToken)) { | |||
throw new InvalidTokenException(); | |||
} | |||
/** @var DefaultToken $token */ | |||
$token->setPassword($this->encryptPassword($password, $tokenId)); | |||
$this->mapper->update($token); | |||
} | |||
/** | |||
* Invalidate (delete) the given session token | |||
* |
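Review bot: The docblock on setPassword does not say that `$tokenId` takes part in the encryption, which is what `encryptPassword($password, $tokenId)` here and `decryptPassword($password, $tokenId)` in the method just above imply. A caller that passes a different identifier than the one later given to getPassword() would presumably store a password that cannot be decrypted again. I would change the parameter line to `@param string $tokenId token ID the password is encrypted with; must match the ID later passed to getPassword()` and the throws line to `@throws InvalidTokenException if $token is not a DefaultToken`. The identical docblock on IProvider::setPassword in the next hunk deserves the same `$tokenId` wording. The class body continues outside the hunk.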
@@ -99,4 +99,14 @@ interface IProvider { | |||
* @return string | |||
*/ | |||
public function getPassword(IToken $token, $tokenId); | |||
/** | |||
* Encrypt and set the password of the given token | |||
* | |||
* @param IToken $token | |||
* @param string $tokenId | |||
* @param string $password | |||
* @throws InvalidTokenException | |||
*/ | |||
public function setPassword(IToken $token, $tokenId, $password); | |||
} |
@@ -676,4 +676,21 @@ class Session implements IUserSession, Emitter { | |||
setcookie('oc_remember_login', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true); | |||
} | |||
/** | |||
* Update password of the browser session token if there is one | |||
* | |||
* @param string $password | |||
*/ | |||
public function updateSessionTokenPassword($password) { | |||
try { | |||
$sessionId = $this->session->getId(); | |||
$token = $this->tokenProvider->getToken($sessionId); | |||
$this->tokenProvider->setPassword($token, $sessionId, $password); | |||
} catch (SessionNotAvailableException $ex) { | |||
// Nothing to do | |||
} catch (InvalidTokenException $ex) { | |||
// Nothing to do | |||
} | |||
} | |||
} |
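Review bot: The docblock of updateSessionTokenPassword does not state its two limits: it only touches the token looked up by the current session ID, and both catch blocks ignore failure with `// Nothing to do`. Any other tokens of the same user would keep the previously encrypted password unless they are refreshed elsewhere, which is not visible here. A failed update likewise leaves a stale credential on the session token without any trace. I would add `* Only the token of the current session is updated; a missing session or an invalid token is ignored.` to the docblock. If a logger is available in this class, a debug-level entry in the InvalidTokenException branch would make that case diagnosable.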
@@ -46,6 +46,7 @@ class Controller { | |||
exit(); | |||
} | |||
if (!is_null($password) && \OC_User::setPassword($username, $password)) { | |||
\OC::$server->getUserSession()->updateSessionTokenPassword($username, $password); | |||
\OC_JSON::success(); | |||
} else { | |||
\OC_JSON::error(); |
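Review bot: The added call passes two arguments, `updateSessionTokenPassword($username, $password)`, but the method this commit adds to Session is declared as `updateSessionTokenPassword($password)`. PHP drops surplus arguments to userland methods without an error, so the username is what gets encrypted and stored as the session token's password, and the new password is discarded. The line should read `\OC::$server->getUserSession()->updateSessionTokenPassword($password);`. None of the added tests exercise this call site, which is likely why the mismatch went unnoticed. The enclosing method starts and ends outside the hunk.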
@@ -175,6 +175,39 @@ class DefaultTokenProviderTest extends TestCase { | |||
$tokenProvider->getPassword($tk, $token); | |||
} | |||
public function testSetPassword() { | |||
$token = new DefaultToken(); | |||
$tokenId = 'token123'; | |||
$password = '123456'; | |||
$this->config->expects($this->once()) | |||
->method('getSystemValue') | |||
->with('secret') | |||
->will($this->returnValue('ocsecret')); | |||
$this->crypto->expects($this->once()) | |||
->method('encrypt') | |||
->with($password, $tokenId . 'ocsecret') | |||
->will($this->returnValue('encryptedpassword')); | |||
$this->mapper->expects($this->once()) | |||
->method('update') | |||
->with($token); | |||
$this->tokenProvider->setPassword($token, $tokenId, $password); | |||
$this->assertEquals('encryptedpassword', $token->getPassword()); | |||
} | |||
/** | |||
* @expectedException \OC\Authentication\Exceptions\InvalidTokenException | |||
*/ | |||
public function testSetPasswordInvalidToken() { | |||
$token = $this->getMock('\OC\Authentication\Token\IToken'); | |||
$tokenId = 'token123'; | |||
$password = '123456'; | |||
$this->tokenProvider->setPassword($token, $tokenId, $password); | |||
} | |||
public function testInvalidateToken() { | |||
$this->mapper->expects($this->once()) | |||
->method('invalidate') |
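Review bot: testSetPasswordInvalidToken only checks that the exception is raised, so it would still pass if the provider persisted the token before rejecting it. Adding `$this->mapper->expects($this->never())->method('update');` and `$this->crypto->expects($this->never())->method('encrypt');` before the call pins down that nothing is encrypted or written for a foreign IToken implementation. testInvalidateToken at the end of the hunk continues outside it.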
@@ -818,4 +818,69 @@ class SessionTest extends \Test\TestCase { | |||
$this->invokePrivate($userSession, 'validateSession', [$user]); | |||
} | |||
public function testUpdateSessionTokenPassword() { | |||
$userManager = $this->getMock('\OCP\IUserManager'); | |||
$session = $this->getMock('\OCP\ISession'); | |||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory'); | |||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider'); | |||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config); | |||
$password = '123456'; | |||
$sessionId ='session1234'; | |||
$token = new \OC\Authentication\Token\DefaultToken(); | |||
$session->expects($this->once()) | |||
->method('getId') | |||
->will($this->returnValue($sessionId)); | |||
$tokenProvider->expects($this->once()) | |||
->method('getToken') | |||
->with($sessionId) | |||
->will($this->returnValue($token)); | |||
$tokenProvider->expects($this->once()) | |||
->method('setPassword') | |||
->with($token, $sessionId, $password); | |||
$userSession->updateSessionTokenPassword($password); | |||
} | |||
public function testUpdateSessionTokenPasswordNoSessionAvailable() { | |||
$userManager = $this->getMock('\OCP\IUserManager'); | |||
$session = $this->getMock('\OCP\ISession'); | |||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory'); | |||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider'); | |||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config); | |||
$session->expects($this->once()) | |||
->method('getId') | |||
->will($this->throwException(new \OCP\Session\Exceptions\SessionNotAvailableException())); | |||
$userSession->updateSessionTokenPassword('1234'); | |||
} | |||
public function testUpdateSessionTokenPasswordInvalidTokenException() { | |||
$userManager = $this->getMock('\OCP\IUserManager'); | |||
$session = $this->getMock('\OCP\ISession'); | |||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory'); | |||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider'); | |||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config); | |||
$password = '123456'; | |||
$sessionId ='session1234'; | |||
$token = new \OC\Authentication\Token\DefaultToken(); | |||
$session->expects($this->once()) | |||
->method('getId') | |||
->will($this->returnValue($sessionId)); | |||
$tokenProvider->expects($this->once()) | |||
->method('getToken') | |||
->with($sessionId) | |||
->will($this->returnValue($token)); | |||
$tokenProvider->expects($this->once()) | |||
->method('setPassword') | |||
->with($token, $sessionId, $password) | |||
->will($this->throwException(new \OC\Authentication\Exceptions\InvalidTokenException())); | |||
$userSession->updateSessionTokenPassword($password); | |||
} | |||
} |
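Review bot: testUpdateSessionTokenPasswordNoSessionAvailable sets no expectation on the token provider, so it passes even if the provider is still called after getId() throws. I would add `$tokenProvider->expects($this->never())->method('getToken');` and `$tokenProvider->expects($this->never())->method('setPassword');` before the call. The five-line mock setup is repeated verbatim in all three tests and could move into a small private helper or setUp(). The string literals here also show the intended single-argument call, `updateSessionTokenPassword($password)`, which the controller hunk does not follow.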