return $this->decryptPassword($password, $tokenId); | return $this->decryptPassword($password, $tokenId); | ||||
} | } | ||||
/** | |||||
* Encrypt and set the password of the given token | |||||
* | |||||
* @param IToken $token | |||||
* @param string $tokenId | |||||
* @param string $password | |||||
* @throws InvalidTokenException | |||||
*/ | |||||
public function setPassword(IToken $token, $tokenId, $password) { | |||||
if (!($token instanceof DefaultToken)) { | |||||
throw new InvalidTokenException(); | |||||
} | |||||
/** @var DefaultToken $token */ | |||||
$token->setPassword($this->encryptPassword($password, $tokenId)); | |||||
$this->mapper->update($token); | |||||
} | |||||
/** | /** | ||||
* Invalidate (delete) the given session token | * Invalidate (delete) the given session token | ||||
* | * |
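Review bot: The docblock on `setPassword` does not say that `$tokenId` is key material. It is passed straight to `encryptPassword($password, $tokenId)`, and `getPassword` above hands the same argument to `decryptPassword`, so a caller passing a different form of the id would presumably store a password that can no longer be decrypted; the helper bodies are outside this hunk. I would document it as `@param string $tokenId raw token id; must be the same value later passed to getPassword()` and extend the throws line to `@throws InvalidTokenException if $token is not a DefaultToken`. The same wording applies to the interface declaration of `setPassword` in the next section.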
* @return string | * @return string | ||||
*/ | */ | ||||
public function getPassword(IToken $token, $tokenId); | public function getPassword(IToken $token, $tokenId); | ||||
/** | |||||
* Encrypt and set the password of the given token | |||||
* | |||||
* @param IToken $token | |||||
* @param string $tokenId | |||||
* @param string $password | |||||
* @throws InvalidTokenException | |||||
*/ | |||||
public function setPassword(IToken $token, $tokenId, $password); | |||||
} | } |
setcookie('oc_remember_login', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true); | setcookie('oc_remember_login', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true); | ||||
} | } | ||||
/** | |||||
* Update password of the browser session token if there is one | |||||
* | |||||
* @param string $password | |||||
*/ | |||||
public function updateSessionTokenPassword($password) { | |||||
try { | |||||
$sessionId = $this->session->getId(); | |||||
$token = $this->tokenProvider->getToken($sessionId); | |||||
$this->tokenProvider->setPassword($token, $sessionId, $password); | |||||
} catch (SessionNotAvailableException $ex) { | |||||
// Nothing to do | |||||
} catch (InvalidTokenException $ex) { | |||||
// Nothing to do | |||||
} | |||||
} | |||||
} | } |
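Review bot: Both catch blocks in `updateSessionTokenPassword` discard the failure with `// Nothing to do`, so when `setPassword` throws `InvalidTokenException` the session token keeps the password that was encrypted before the change and the caller cannot tell. What happens to that session afterwards is not visible here, so the comment should state the intended outcome, e.g. `// Token not updated; this session keeps the old password and is expected to fail its next validation`. If a log line is added instead, it should carry only the exception and never `$password`.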
exit(); | exit(); | ||||
} | } | ||||
if (!is_null($password) && \OC_User::setPassword($username, $password)) { | if (!is_null($password) && \OC_User::setPassword($username, $password)) { | ||||
\OC::$server->getUserSession()->updateSessionTokenPassword($username, $password); | |||||
\OC_JSON::success(); | \OC_JSON::success(); | ||||
} else { | } else { | ||||
\OC_JSON::error(); | \OC_JSON::error(); |
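Review bot: The call `updateSessionTokenPassword($username, $password)` passes two arguments, but the method as declared in the Session section takes only `$password`. PHP silently drops the surplus argument, so `$username` would be encrypted into the session token in place of the new password. Assuming this single-column line is on the new side, it should read `\OC::$server->getUserSession()->updateSessionTokenPassword($password);`. The method updates the token of the current browser session, so the call is only right where `$username` is the logged-in user; the enclosing function starts and ends outside this hunk, so that could not be checked here.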
$tokenProvider->getPassword($tk, $token); | $tokenProvider->getPassword($tk, $token); | ||||
} | } | ||||
public function testSetPassword() { | |||||
$token = new DefaultToken(); | |||||
$tokenId = 'token123'; | |||||
$password = '123456'; | |||||
$this->config->expects($this->once()) | |||||
->method('getSystemValue') | |||||
->with('secret') | |||||
->will($this->returnValue('ocsecret')); | |||||
$this->crypto->expects($this->once()) | |||||
->method('encrypt') | |||||
->with($password, $tokenId . 'ocsecret') | |||||
->will($this->returnValue('encryptedpassword')); | |||||
$this->mapper->expects($this->once()) | |||||
->method('update') | |||||
->with($token); | |||||
$this->tokenProvider->setPassword($token, $tokenId, $password); | |||||
$this->assertEquals('encryptedpassword', $token->getPassword()); | |||||
} | |||||
/** | |||||
* @expectedException \OC\Authentication\Exceptions\InvalidTokenException | |||||
*/ | |||||
public function testSetPasswordInvalidToken() { | |||||
$token = $this->getMock('\OC\Authentication\Token\IToken'); | |||||
$tokenId = 'token123'; | |||||
$password = '123456'; | |||||
$this->tokenProvider->setPassword($token, $tokenId, $password); | |||||
} | |||||
public function testInvalidateToken() { | public function testInvalidateToken() { | ||||
$this->mapper->expects($this->once()) | $this->mapper->expects($this->once()) | ||||
->method('invalidate') | ->method('invalidate') |
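Review bot: `testSetPasswordInvalidToken` only checks that the exception is thrown; it does not pin that a rejected token is never encrypted or written. Adding `$this->mapper->expects($this->never())->method('update');` and `$this->crypto->expects($this->never())->method('encrypt');` before the call would cover that. The same gap is in `testUpdateSessionTokenPasswordNoSessionAvailable` in the Session test section, where `$tokenProvider->expects($this->never())->method('setPassword');` is missing, so that test passes as long as nothing escapes the method.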
$this->invokePrivate($userSession, 'validateSession', [$user]); | $this->invokePrivate($userSession, 'validateSession', [$user]); | ||||
} | } | ||||
public function testUpdateSessionTokenPassword() { | |||||
$userManager = $this->getMock('\OCP\IUserManager'); | |||||
$session = $this->getMock('\OCP\ISession'); | |||||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory'); | |||||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider'); | |||||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config); | |||||
$password = '123456'; | |||||
$sessionId ='session1234'; | |||||
$token = new \OC\Authentication\Token\DefaultToken(); | |||||
$session->expects($this->once()) | |||||
->method('getId') | |||||
->will($this->returnValue($sessionId)); | |||||
$tokenProvider->expects($this->once()) | |||||
->method('getToken') | |||||
->with($sessionId) | |||||
->will($this->returnValue($token)); | |||||
$tokenProvider->expects($this->once()) | |||||
->method('setPassword') | |||||
->with($token, $sessionId, $password); | |||||
$userSession->updateSessionTokenPassword($password); | |||||
} | |||||
public function testUpdateSessionTokenPasswordNoSessionAvailable() { | |||||
$userManager = $this->getMock('\OCP\IUserManager'); | |||||
$session = $this->getMock('\OCP\ISession'); | |||||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory'); | |||||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider'); | |||||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config); | |||||
$session->expects($this->once()) | |||||
->method('getId') | |||||
->will($this->throwException(new \OCP\Session\Exceptions\SessionNotAvailableException())); | |||||
$userSession->updateSessionTokenPassword('1234'); | |||||
} | |||||
public function testUpdateSessionTokenPasswordInvalidTokenException() { | |||||
$userManager = $this->getMock('\OCP\IUserManager'); | |||||
$session = $this->getMock('\OCP\ISession'); | |||||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory'); | |||||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider'); | |||||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config); | |||||
$password = '123456'; | |||||
$sessionId ='session1234'; | |||||
$token = new \OC\Authentication\Token\DefaultToken(); | |||||
$session->expects($this->once()) | |||||
->method('getId') | |||||
->will($this->returnValue($sessionId)); | |||||
$tokenProvider->expects($this->once()) | |||||
->method('getToken') | |||||
->with($sessionId) | |||||
->will($this->returnValue($token)); | |||||
$tokenProvider->expects($this->once()) | |||||
->method('setPassword') | |||||
->with($token, $sessionId, $password) | |||||
->will($this->throwException(new \OC\Authentication\Exceptions\InvalidTokenException())); | |||||
$userSession->updateSessionTokenPassword($password); | |||||
} | |||||
} | } |