Emit an error log when the app token login name does not match

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
author: Christoph Wurst <christoph@winzerhof-wurst.at> 2021-08-13 10:31:51 +0200
committer: Christoph Wurst <christoph@winzerhof-wurst.at> 2021-08-13 10:31:51 +0200
commit: a14333779170f47fe53a78b2299414a4273d41d0 (patch)
tree: ba8718f27cb3b88ff7bac5abc90d11091eb9d878
parent: 05ec2faea8e2333ee96059d17c707322cfd279ea (diff)
download: nextcloud-server-a14333779170f47fe53a78b2299414a4273d41d0.tar.gz
nextcloud-server-a14333779170f47fe53a78b2299414a4273d41d0.zip
1 files changed, 6 insertions, 1 deletions
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 4ce99512040..fa6f14fd3ec 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -788,9 +788,14 @@ class Session implements IUserSession, Emitter {
 
 		// Check if login names match
 		if (!is_null($user) && $dbToken->getLoginName() !== $user) {
-			// TODO: this makes it imposssible to use different login names on browser and client
+			// TODO: this makes it impossible to use different login names on browser and client
 			// e.g. login by e-mail 'user@example.com' on browser for generating the token will not
 			//      allow to use the client token with the login name 'user'.
+			$this->logger->error('App token login name does not match', [
+				'tokenLoginName' => $dbToken->getLoginName(),
+				'sessionLoginName' => $user,
+			]);
+
 			return false;
 		}
author	Christoph Wurst <christoph@winzerhof-wurst.at>	2021-08-13 10:31:51 +0200
committer	Christoph Wurst <christoph@winzerhof-wurst.at>	2021-08-13 10:31:51 +0200
commit	a14333779170f47fe53a78b2299414a4273d41d0 (patch)
tree	ba8718f27cb3b88ff7bac5abc90d11091eb9d878
parent	05ec2faea8e2333ee96059d17c707322cfd279ea (diff)
download	nextcloud-server-a14333779170f47fe53a78b2299414a4273d41d0.tar.gz nextcloud-server-a14333779170f47fe53a78b2299414a4273d41d0.zip