diff options
| author | Louis Chemineau <louis@chmn.me> | 2024-09-24 16:20:04 +0200 |
|---|---|---|
| committer | backportbot[bot] <backportbot[bot]@users.noreply.github.com> | 2024-09-26 13:01:58 +0000 |
| commit | 413d36c994f301d4348283cfc50c2fb4da1eb521 (patch) | |
| tree | d6144ec6b82e0a77cfd92073cb0010c5e69e18d3 | |
| parent | 80d5cdef041cbeb84e7eec39baa9d7ab3a339012 (diff) | |
| download | nextcloud-server-413d36c994f301d4348283cfc50c2fb4da1eb521.tar.gz nextcloud-server-413d36c994f301d4348283cfc50c2fb4da1eb521.zip | |
fix: Use hashed password in files_external settingsbackport/48359/stable28
Signed-off-by: Louis Chemineau <louis@chmn.me>
| -rw-r--r-- | apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php b/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php index dff5bf86625..99fb03007ea 100644 --- a/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php +++ b/apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php @@ -37,6 +37,7 @@ use OCP\Security\ICredentialsManager; */ class GlobalAuth extends AuthMechanism { public const CREDENTIALS_IDENTIFIER = 'password::global'; + private const PWD_PLACEHOLDER = '************************'; /** @var ICredentialsManager */ protected $credentialsManager; @@ -59,11 +60,18 @@ class GlobalAuth extends AuthMechanism { 'password' => '' ]; } else { + $auth['password'] = self::PWD_PLACEHOLDER; return $auth; } } public function saveAuth($uid, $user, $password) { + // Use old password if it has not changed. + if ($password === self::PWD_PLACEHOLDER) { + $auth = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER); + $password = $auth['password']; + } + $this->credentialsManager->store($uid, self::CREDENTIALS_IDENTIFIER, [ 'user' => $user, 'password' => $password |