authorJoas Schilling <213943+nickvergessen@users.noreply.github.com>2023-01-05 06:31:32 +0100
committerGitHub <noreply@github.com>2023-01-05 06:31:32 +0100
commit4670c5b38fe43edf3d4be090e693dd3c22a6aebb (patch)
tree3fa28e564fb10573f4af3e58037f3d4e08eb4be6
parent411754a12a5ac6ab244688e4910987af9f0287cd (diff)
parentb4a29644ccfc1acafcfbdb8b7b887df1fe520166 (diff)
Merge pull request #35981 from nextcloud/followup/35965/const-for-max-password-length
Add a const for the max user password length
-rw-r--r--apps/provisioning_api/lib/Controller/UsersController.php4
-rw-r--r--apps/settings/lib/Controller/ChangePasswordController.php4
-rw-r--r--core/Controller/LostController.php2
-rw-r--r--lib/private/Authentication/Token/PublicKeyTokenProvider.php3
-rw-r--r--lib/public/IUserManager.php6
5 files changed, 13 insertions, 6 deletions
diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index 434912f32aa..97d66acd2e0 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -389,7 +389,7 @@ class UsersController extends AUserData {
}
$generatePasswordResetToken = false;
- if (strlen($password) > 469) {
+ if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
throw new OCSException('Invalid password value', 101);
}
if ($password === '') {
@@ -889,7 +889,7 @@ class UsersController extends AUserData {
break;
case self::USER_FIELD_PASSWORD:
try {
- if (strlen($value) > 469) {
+ if (strlen($value) > IUserManager::MAX_PASSWORD_LENGTH) {
throw new OCSException('Invalid password value', 102);
}
if (!$targetUser->canChangePassword()) {
diff --git a/apps/settings/lib/Controller/ChangePasswordController.php b/apps/settings/lib/Controller/ChangePasswordController.php
index a25f0b0e59b..20ec28220a5 100644
--- a/apps/settings/lib/Controller/ChangePasswordController.php
+++ b/apps/settings/lib/Controller/ChangePasswordController.php
@@ -95,7 +95,7 @@ class ChangePasswordController extends Controller {
}
try {
- if ($newpassword === null || strlen($newpassword) > 469 || $user->setPassword($newpassword) === false) {
+ if ($newpassword === null || strlen($newpassword) > IUserManager::MAX_PASSWORD_LENGTH || $user->setPassword($newpassword) === false) {
return new JSONResponse([
'status' => 'error',
'data' => [
@@ -146,7 +146,7 @@ class ChangePasswordController extends Controller {
]);
}
- if (strlen($password) > 469) {
+ if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
return new JSONResponse([
'status' => 'error',
'data' => [
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index e7960dbcef5..6176e3cd5e5 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -240,7 +240,7 @@ class LostController extends Controller {
$this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password));
\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]);
- if (strlen($password) > 469) {
+ if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
throw new HintException('Password too long', $this->l10n->t('Password is too long. Maximum allowed length is 469 characters.'));
}
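Review bot: The length guard runs after `dispatchTyped(new BeforePasswordResetEvent($user, $password))` and the `pre_passwordReset` hook, so every listener receives the request-supplied password before its size has been bounded. If the limit is meant to cap the work done on that input (an inference, the hunk does not state the motive), the `strlen()` check should move above both calls. The translated hint also still spells out `469` beside the new constant and will drift if the constant changes; `$this->l10n->t('Password is too long. Maximum allowed length is %s characters.', [IUserManager::MAX_PASSWORD_LENGTH])` keeps them in sync. The `RuntimeException` message in the second PublicKeyTokenProvider.php hunk carries the same literal. The enclosing method starts and ends outside the hunk.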
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index c7e29568383..d00d3e41539 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -40,6 +40,7 @@ use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\IConfig;
use OCP\IDBConnection;
+use OCP\IUserManager;
use OCP\Security\ICrypto;
use Psr\Log\LoggerInterface;
@@ -397,7 +398,7 @@ class PublicKeyTokenProvider implements IProvider {
$dbToken->setPrivateKey($this->encrypt($privateKey, $token));
if (!is_null($password) && $this->config->getSystemValueBool('auth.storeCryptedPassword', true)) {
- if (strlen($password) > 469) {
+ if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
throw new \RuntimeException('Trying to save a password with more than 469 characters is not supported. If you want to use big passwords, disable the auth.storeCryptedPassword option in config.php');
}
$dbToken->setPassword($this->encryptPassword($password, $publicKey));
diff --git a/lib/public/IUserManager.php b/lib/public/IUserManager.php
index 8caa027468b..151c153917f 100644
--- a/lib/public/IUserManager.php
+++ b/lib/public/IUserManager.php
@@ -46,6 +46,12 @@ namespace OCP;
* @since 8.0.0
*/
interface IUserManager {
+
+ /**
+ * @since 26.0.0
+ */
+ public const MAX_PASSWORD_LENGTH = 469;
+
/**
* register a user backend
*
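Review bot: The docblock on `MAX_PASSWORD_LENGTH` holds only `@since 26.0.0`, so a reader of the public interface cannot tell what the limit measures or why callers enforce it. Every call site in this commit compares it against `strlen()`, which counts bytes, while the user-facing messages say "characters"; a password with multibyte characters hits the limit at fewer than 469 characters. I would add a description line above the tag, for example `Maximum length of a user password in bytes, as compared with strlen(); longer values are rejected by the password-setting controllers and by the token provider when auth.storeCryptedPassword is enabled.` The interface body continues outside the hunk.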