summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJoas Schilling <coding@schilljs.com>2016-10-28 11:29:02 +0200
committerLukas Reschke <lukas@statuscode.ch>2016-11-02 20:30:36 +0100
commit2cd92d0abbeffd1817c87522f9b633b14e60181a (patch)
tree0c6dd7a5b543af9cb36385250d80967f45555f41
parentf7d681d038fcd600b1716965ccbd22dd02fe19e6 (diff)
downloadnextcloud-server-2cd92d0abbeffd1817c87522f9b633b14e60181a.tar.gz
nextcloud-server-2cd92d0abbeffd1817c87522f9b633b14e60181a.zip
Fix missing update of session, when it was already used.
Signed-off-by: Joas Schilling <coding@schilljs.com>
-rw-r--r--lib/private/Security/CSRF/TokenStorage/SessionStorage.php7
-rw-r--r--lib/private/Server.php7
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php
index cf4cdfa5036..9d2e723a6d3 100644
--- a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php
+++ b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php
@@ -41,6 +41,13 @@ class SessionStorage {
}
/**
+ * @param ISession $session
+ */
+ public function setSession(ISession $session) {
+ $this->session = $session;
+ }
+
+ /**
* Returns the current token or throws an exception if none is found.
*
* @return string
diff --git a/lib/private/Server.php b/lib/private/Server.php
index 6f25098eb35..dca50c15733 100644
--- a/lib/private/Server.php
+++ b/lib/private/Server.php
@@ -710,13 +710,15 @@ class Server extends ServerContainer implements IServerContainer {
});
$this->registerService('CsrfTokenManager', function (Server $c) {
$tokenGenerator = new CsrfTokenGenerator($c->getSecureRandom());
- $sessionStorage = new SessionStorage($c->getSession());
return new CsrfTokenManager(
$tokenGenerator,
- $sessionStorage
+ $c->query(SessionStorage::class)
);
});
+ $this->registerService(SessionStorage::class, function (Server $c) {
+ return new SessionStorage($c->getSession());
+ });
$this->registerService('ContentSecurityPolicyManager', function (Server $c) {
return new ContentSecurityPolicyManager();
});
@@ -945,6 +947,7 @@ class Server extends ServerContainer implements IServerContainer {
* @param \OCP\ISession $session
*/
public function setSession(\OCP\ISession $session) {
+ $this->query(SessionStorage::class)->setSession($session);
return $this->query('UserSession')->setSession($session);
}