diff options
| author | Joas Schilling <coding@schilljs.com> | 2022-03-23 21:38:53 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2022-03-23 21:38:53 +0100 |
| commit | d683e0d3d1448111d8de1ffaa480dcb203f61143 (patch) | |
| tree | 74b29f9cefd1452aff85cec4483b65f4e50e7880 | |
| parent | c1215f573ae98fb3cf66f9ff5dc408574a7df560 (diff) | |
| download | nextcloud-server-d683e0d3d1448111d8de1ffaa480dcb203f61143.tar.gz nextcloud-server-d683e0d3d1448111d8de1ffaa480dcb203f61143.zip | |
Automatically cut the token name on the first level
Signed-off-by: Joas Schilling <coding@schilljs.com>
| -rw-r--r-- | lib/private/Authentication/Token/IProvider.php | 2 | ||||
| -rw-r--r-- | lib/private/Authentication/Token/Manager.php | 4 | ||||
| -rw-r--r-- | tests/lib/Authentication/Token/ManagerTest.php | 31 |
3 files changed, 34 insertions, 3 deletions
diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php index e604ac715c2..0a145bfd7e6 100644 --- a/lib/private/Authentication/Token/IProvider.php +++ b/lib/private/Authentication/Token/IProvider.php @@ -44,7 +44,7 @@ interface IProvider { * @param string $uid * @param string $loginName * @param string|null $password - * @param string $name + * @param string $name Name will be trimmed to 120 chars when longer * @param int $type token type * @param int $remember whether the session token should be used for remember-me * @return IToken diff --git a/lib/private/Authentication/Token/Manager.php b/lib/private/Authentication/Token/Manager.php index ae0874733f8..f8a0fb11c52 100644 --- a/lib/private/Authentication/Token/Manager.php +++ b/lib/private/Authentication/Token/Manager.php @@ -49,7 +49,7 @@ class Manager implements IProvider { * @param string $uid * @param string $loginName * @param string|null $password - * @param string $name + * @param string $name Name will be trimmed to 120 chars when longer * @param int $type token type * @param int $remember whether the session token should be used for remember-me * @return IToken @@ -62,7 +62,7 @@ class Manager implements IProvider { int $type = IToken::TEMPORARY_TOKEN, int $remember = IToken::DO_NOT_REMEMBER): IToken { if (mb_strlen($name) > 128) { - throw new InvalidTokenException('The given name is too long'); + $name = mb_substr($name, 0, 120) . '…'; } try { diff --git a/tests/lib/Authentication/Token/ManagerTest.php b/tests/lib/Authentication/Token/ManagerTest.php index 8b40fb9b669..5f024bb1d43 100644 --- a/tests/lib/Authentication/Token/ManagerTest.php +++ b/tests/lib/Authentication/Token/ManagerTest.php @@ -114,6 +114,37 @@ class ManagerTest extends TestCase { $this->assertSame($token, $actual); } + public function testGenerateTokenTooLongName() { + $token = $this->createMock(IToken::class); + $token->method('getName') + ->willReturn(str_repeat('a', 120) . '…'); + + + $this->publicKeyTokenProvider->expects($this->once()) + ->method('generateToken') + ->with( + 'token', + 'uid', + 'loginName', + 'password', + str_repeat('a', 120) . '…', + IToken::TEMPORARY_TOKEN, + IToken::REMEMBER + )->willReturn($token); + + $actual = $this->manager->generateToken( + 'token', + 'uid', + 'loginName', + 'password', + str_repeat('a', 200), + IToken::TEMPORARY_TOKEN, + IToken::REMEMBER + ); + + $this->assertSame(121, mb_strlen($actual->getName())); + } + public function tokenData(): array { return [ [new PublicKeyToken()], |