diff options
author | Joas Schilling <coding@schilljs.com> | 2016-10-28 11:29:02 +0200 |
---|---|---|
committer | Lukas Reschke <lukas@statuscode.ch> | 2016-11-02 20:30:36 +0100 |
commit | 2cd92d0abbeffd1817c87522f9b633b14e60181a (patch) | |
tree | 0c6dd7a5b543af9cb36385250d80967f45555f41 | |
parent | f7d681d038fcd600b1716965ccbd22dd02fe19e6 (diff) | |
download | nextcloud-server-2cd92d0abbeffd1817c87522f9b633b14e60181a.tar.gz nextcloud-server-2cd92d0abbeffd1817c87522f9b633b14e60181a.zip |
Fix missing update of session, when it was already used.
Signed-off-by: Joas Schilling <coding@schilljs.com>
-rw-r--r-- | lib/private/Security/CSRF/TokenStorage/SessionStorage.php | 7 | ||||
-rw-r--r-- | lib/private/Server.php | 7 |
2 files changed, 12 insertions, 2 deletions
diff --git a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php index cf4cdfa5036..9d2e723a6d3 100644 --- a/lib/private/Security/CSRF/TokenStorage/SessionStorage.php +++ b/lib/private/Security/CSRF/TokenStorage/SessionStorage.php @@ -41,6 +41,13 @@ class SessionStorage { } /** + * @param ISession $session + */ + public function setSession(ISession $session) { + $this->session = $session; + } + + /** * Returns the current token or throws an exception if none is found. * * @return string diff --git a/lib/private/Server.php b/lib/private/Server.php index 6f25098eb35..dca50c15733 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -710,13 +710,15 @@ class Server extends ServerContainer implements IServerContainer { }); $this->registerService('CsrfTokenManager', function (Server $c) { $tokenGenerator = new CsrfTokenGenerator($c->getSecureRandom()); - $sessionStorage = new SessionStorage($c->getSession()); return new CsrfTokenManager( $tokenGenerator, - $sessionStorage + $c->query(SessionStorage::class) ); }); + $this->registerService(SessionStorage::class, function (Server $c) { + return new SessionStorage($c->getSession()); + }); $this->registerService('ContentSecurityPolicyManager', function (Server $c) { return new ContentSecurityPolicyManager(); }); @@ -945,6 +947,7 @@ class Server extends ServerContainer implements IServerContainer { * @param \OCP\ISession $session */ public function setSession(\OCP\ISession $session) { + $this->query(SessionStorage::class)->setSession($session); return $this->query('UserSession')->setSession($session); } |