fix: handle IDLE timeoutbackport/53295/stable28

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

3 files changed, 26 insertions, 1 deletions

diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index d6e381b3674..458a8473f71 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -42,6 +42,7 @@ use OCA\OAuth2\Db\ClientMapper;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Http\StandaloneTemplateResponse;
@@ -232,6 +233,7 @@ class ClientFlowLoginController extends Controller {
 	 * @return Http\RedirectResponse|Response
 	 */
 	#[UseSession]
+	#[PasswordConfirmationRequired(strict: false)]
 	public function generateAppPassword(string $stateToken,
 		string $clientIdentifier = '') {
 		if (!$this->isValidToken($stateToken)) {
diff --git a/core/Controller/ClientFlowLoginV2Controller.php b/core/Controller/ClientFlowLoginV2Controller.php
index b540ff6ce30..15f8beeab3e 100644
--- a/core/Controller/ClientFlowLoginV2Controller.php
+++ b/core/Controller/ClientFlowLoginV2Controller.php
@@ -34,6 +34,7 @@ use OCA\Core\ResponseDefinitions;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
+use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
 use OCP\AppFramework\Http\Attribute\UseSession;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\AppFramework\Http\RedirectResponse;
@@ -238,6 +239,7 @@ class ClientFlowLoginV2Controller extends Controller {
 	 * @NoAdminRequired
 	 */
 	#[UseSession]
+	#[PasswordConfirmationRequired(strict: false)]
 	public function generateAppPassword(?string $stateToken): Response {
 		if ($stateToken === null) {
 			return $this->stateTokenMissingResponse();
diff --git a/core/js/login/grant.js b/core/js/login/grant.js
index c4d49505059..c6134504421 100644
--- a/core/js/login/grant.js
+++ b/core/js/login/grant.js
@@ -1,8 +1,29 @@
-document.querySelector('form').addEventListener('submit', function(e) {
+/**
+ * SPDX-FileCopyrightText: 2018 Nextcloud GmbH and Nextcloud contributors
+ * SPDX-License-Identifier: AGPL-3.0-or-later
+ */
+
+const form = document.querySelector('form')
+form.addEventListener('submit', function(event) {
 	const wrapper = document.getElementById('submit-wrapper')
 	if (wrapper === null) {
 		return
 	}
+
+	if (OC.PasswordConfirmation.requiresPasswordConfirmation()) {
+		// stop the event
+		event.preventDefault()
+		event.stopPropagation()
+
+		// handle password confirmation
+		OC.PasswordConfirmation.requirePasswordConfirmation(function () {
+			// when password is confirmed we submit the form
+			form.submit()
+		})
+
+		return false
+	}
+
 	Array.from(wrapper.getElementsByClassName('icon-confirm-white')).forEach(function(el) {
 		el.classList.remove('icon-confirm-white')
 		el.classList.add(OCA.Theming && OCA.Theming.inverted ? 'icon-loading-small' : 'icon-loading-small-dark')