authorLionel Elie Mamane <lionel@mamane.lu>2020-06-20 11:21:41 +0200
committerMorris Jobke <hey@morrisjobke.de>2020-08-20 16:02:22 +0200
commitac8b40b8b12d4bf85bdd6b7ab038f0605c8651d9 (patch)
treec1ea1568445cd6168c571721a7e362f60b168833
parent03603db486debbb31dfa05486f3b10338a28b50c (diff)
Return correct loginname in credentials,
even when token is invalid or has no password. Returning the uid as loginname is wrong, and leads to problems when these differ. E.g. the getapppassword API was creating app token with the uid as loginname. In a scenario with external authentication (such as LDAP), these tokens were then invalidated next time their underlying password was checked, and systematically ceased to function. Co-authored-by: kesselb <mail@danielkesselberg.de> for: switch to consistent camelCase Signed-off-by: Lionel Elie Mamane <lionel@mamane.lu>
-rw-r--r--lib/private/Authentication/LoginCredentials/Store.php2
-rw-r--r--lib/private/Server.php4
-rw-r--r--lib/private/User/Session.php4
-rw-r--r--lib/public/User/Events/PostLoginEvent.php16
4 files changed, 21 insertions, 5 deletions
diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php
index f4bedd88a18..6dd7dc3fb73 100644
--- a/lib/private/Authentication/LoginCredentials/Store.php
+++ b/lib/private/Authentication/LoginCredentials/Store.php
@@ -112,7 +112,7 @@ class Store implements IStore {
if ($trySession && $this->session->exists('login_credentials')) {
$creds = json_decode($this->session->get('login_credentials'));
- return new Credentials($creds->uid, $creds->uid, $creds->password);
+ return new Credentials($creds->uid, $creds->loginName, $creds->password);
}
// If we reach this line, an exception was thrown.
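Review bot: `$creds->loginName` is read from the session JSON with no fallback, so a `login_credentials` blob that lacks the key yields an undefined property and a null login name on the returned `Credentials`. If that blob is written from the `post_login` payload, which only gains `loginName` in the Server.php hunk of this commit, sessions that survive the upgrade would presumably hit this path. Consider either treating a missing key as unavailable credentials or falling back explicitly with `$loginName = $creds->loginName ?? $creds->uid;`, and check that `json_decode` did not return null before dereferencing. The enclosing method starts and ends outside the hunk.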
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 9b452f21ce1..ff3214fe030 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -566,9 +566,9 @@ class Server extends ServerContainer implements IServerContainer {
$dispatcher = $this->query(IEventDispatcher::class);
$dispatcher->dispatchTyped(new BeforeUserLoggedInEvent($uid, $password));
});
- $userSession->listen('\OC\User', 'postLogin', function ($user, $password, $isTokenLogin) {
+ $userSession->listen('\OC\User', 'postLogin', function ($user, $loginName, $password, $isTokenLogin) {
/** @var \OC\User\User $user */
- \OC_Hook::emit('OC_User', 'post_login', ['run' => true, 'uid' => $user->getUID(), 'password' => $password, 'isTokenLogin' => $isTokenLogin]);
+ \OC_Hook::emit('OC_User', 'post_login', ['run' => true, 'uid' => $user->getUID(), 'loginName' => $loginName, 'password' => $password, 'isTokenLogin' => $isTokenLogin]);
/** @var IEventDispatcher $dispatcher */
$dispatcher = $this->query(IEventDispatcher::class);
diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 3996869c692..176e384bcb6 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -80,7 +80,7 @@ use Symfony\Component\EventDispatcher\GenericEvent;
* - preUnassignedUserId(string $uid)
* - postUnassignedUserId(string $uid)
* - preLogin(string $user, string $password)
- * - postLogin(\OC\User\User $user, string $password)
+ * - postLogin(\OC\User\User $user, string $loginName, string $password, boolean $isTokenLogin)
* - preRememberedLogin(string $uid)
* - postRememberedLogin(\OC\User\User $user)
* - logout()
@@ -400,11 +400,13 @@ class Session implements IUserSession, Emitter {
$this->dispatcher->dispatchTyped(new PostLoginEvent(
$user,
+ $loginDetails['loginName'],
$loginDetails['password'],
$isToken
));
$this->manager->emit('\OC\User', 'postLogin', [
$user,
+ $loginDetails['loginName'],
$loginDetails['password'],
$isToken,
]);
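Review bot: Inserting `$loginDetails['loginName']` as the second element of the `postLogin` emitter payload shifts every later argument, so a listener still declared as `function ($user, $password, $isTokenLogin)` would receive the login name as `$password` and the cleartext password as `$isTokenLogin`. Only the listener in Server.php is updated in this commit; listeners registered elsewhere are not visible here and should be audited, because a shifted password can end up in a truthiness check or a log line. If the old positions have to stay stable, append the new value instead, `$isToken, $loginDetails['loginName'],`, and order the Server.php closure parameters to match. Also confirm that `$loginDetails['loginName']` is always set, since `PostLoginEvent` now requires a `string` in that position; `$loginDetails` is defined outside the hunk.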
diff --git a/lib/public/User/Events/PostLoginEvent.php b/lib/public/User/Events/PostLoginEvent.php
index 15772bfef17..76d9a70aac8 100644
--- a/lib/public/User/Events/PostLoginEvent.php
+++ b/lib/public/User/Events/PostLoginEvent.php
@@ -38,6 +38,12 @@ class PostLoginEvent extends Event {
/** @var IUser */
private $user;
+ /**
+ * @since 20.0.0
+ * @var string
+ */
+ private $loginName;
+
/** @var string */
private $password;
@@ -47,9 +53,10 @@ class PostLoginEvent extends Event {
/**
* @since 18.0.0
*/
- public function __construct(IUser $user, string $password, bool $isTokenLogin) {
+ public function __construct(IUser $user, string $loginName, string $password, bool $isTokenLogin) {
parent::__construct();
$this->user = $user;
+ $this->loginName = $loginName;
$this->password = $password;
$this->isTokenLogin = $isTokenLogin;
}
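Review bot: The constructor docblock still says only `@since 18.0.0`, although a required `$loginName` parameter is now inserted in the middle of a signature that lives under lib/public. Code that builds the event with the old three arguments will fail on the argument count, so the docblock should record the change, for example `@since 20.0.0 added the $loginName parameter`. The class body continues outside the hunk.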
@@ -62,6 +69,13 @@ class PostLoginEvent extends Event {
}
/**
+ * @since 20.0.0
+ */
+ public function getLoginName(): string {
+ return $this->loginName;
+ }
+
+ /**
* @since 18.0.0
*/
public function getPassword(): string {