diff options
author | Carl Schwan <carl@carlschwan.eu> | 2022-07-29 12:26:52 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-07-29 12:26:52 +0200 |
commit | 952acd4d276b3190d23e0597c5e01b1dfc4d72bc (patch) | |
tree | a5c0947e8114b80f4ff3bb9968cbec6ec1a797ec | |
parent | 532ea001a571078f643a70a906e15b32afebde6a (diff) | |
parent | 702445ba3b454f14085710617ec09ce2134a56dc (diff) | |
download | nextcloud-server-952acd4d276b3190d23e0597c5e01b1dfc4d72bc.tar.gz nextcloud-server-952acd4d276b3190d23e0597c5e01b1dfc4d72bc.zip |
Merge pull request #33225 from nextcloud/fix/handle-one-time-passwords
Handle one time password better
-rw-r--r-- | lib/private/Authentication/Token/PublicKeyTokenProvider.php | 2 | ||||
-rw-r--r-- | tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php | 10 |
2 files changed, 10 insertions, 2 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index d21179a35c1..f9ebe90c890 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -401,7 +401,7 @@ class PublicKeyTokenProvider implements IProvider { $this->cache->clear(); // prevent setting an empty pw as result of pw-less-login - if ($password === '') { + if ($password === '' || !$this->config->getSystemValueBool('auth.storeCryptedPassword', true)) { return; } diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php index db61244db5b..1ef0aa80817 100644 --- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php +++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php @@ -98,7 +98,7 @@ class PublicKeyTokenProviderTest extends TestCase { $this->assertSame($password, $this->tokenProvider->getPassword($actual, $token)); } - public function testGenerateTokenNoPassword() { + public function testGenerateTokenNoPassword(): void { $token = 'token'; $uid = 'user'; $user = 'User'; @@ -171,6 +171,10 @@ class PublicKeyTokenProviderTest extends TestCase { ->method('updateActivity') ->with($tk, $this->time); $tk->setLastActivity($this->time - 200); + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $this->tokenProvider->updateTokenActivity($tk); @@ -578,6 +582,10 @@ class PublicKeyTokenProviderTest extends TestCase { 'random2', IToken::PERMANENT_TOKEN, IToken::REMEMBER); + $this->config->method('getSystemValueBool') + ->willReturnMap([ + ['auth.storeCryptedPassword', true, true], + ]); $this->mapper->method('hasExpiredTokens') ->with($uid) |