fix: handle IDLE timeoutbackport/53292/stable29

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

3 files changed, 26 insertions, 1 deletions

diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 7c89618b401..1f82ff499cd 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -43,6 +43,7 @@ use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\FrontpageRoute;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Http\StandaloneTemplateResponse;
@@ -240,6 +241,7 @@ class ClientFlowLoginController extends Controller {
 	 * @return Http\RedirectResponse|Response
 	 */
 	#[UseSession]
+	#[PasswordConfirmationRequired(strict: false)]
 	#[FrontpageRoute(verb: 'POST', url: '/login/flow')]
 	public function generateAppPassword(string $stateToken,
 		string $clientIdentifier = '',
diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php
index dbbb3faa504..39fb6f20534 100644
--- a/core/Controller/ClientFlowLoginV2Controller.php
+++ b/core/Controller/ClientFlowLoginV2Controller.php
@@ -35,6 +35,7 @@ use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\FrontpageRoute;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\RedirectResponse;
@@ -244,6 +245,7 @@ class ClientFlowLoginV2Controller extends Controller {
 	 * @NoAdminRequired
 	 */
 	#[UseSession]
+	#[PasswordConfirmationRequired(strict: false)]
 	#[FrontpageRoute(verb: 'POST', url: '/login/v2/grant')]
 	public function generateAppPassword(?string $stateToken): Response {
 		if ($stateToken === null) {
diff --git a/core/js/login/grant.js b/core/js/login/grant.js
index c4d49505059..c6134504421 100644
--- a/core/js/login/grant.js
+++ b/core/js/login/grant.js
@@ -1,8 +1,29 @@
-document.querySelector('form').addEventListener('submit', function(e) {
+/**
+ * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+const form = document.querySelector('form')
+form.addEventListener('submit', function(event) {
 	const wrapper = document.getElementById('submit-wrapper')
 	if (wrapper === null) {
 		return
 	}
+
+	if (OC.PasswordConfirmation.requiresPasswordConfirmation()) {
+		// stop the event
+		event.preventDefault()
+		event.stopPropagation()
+
+		// handle password confirmation
+		OC.PasswordConfirmation.requirePasswordConfirmation(function () {
+			// when password is confirmed we submit the form
+			form.submit()
+		})
+
+		return false
+	}
+
 	Array.from(wrapper.getElementsByClassName('icon-confirm-white')).forEach(function(el) {
 		el.classList.remove('icon-confirm-white')
 		el.classList.add(OCA.Theming && OCA.Theming.inverted ? 'icon-loading-small' : 'icon-loading-small-dark')