Merge pull request #11104 from nextcloud/fix/token_expire_hardening

Expire tokens hardening
author: Roeland Jago Douma <rullzer@users.noreply.github.com> 2018-09-07 13:42:49 +0200
committer: GitHub <noreply@github.com> 2018-09-07 13:42:49 +0200
commit: a3e86be8c7a22990f66be651e1198b611a36c34b (patch)
tree: ce7c431fc70885dd877ac5e6d4799ba29fe39f9f
parent: f14f8cc51e081d04de5927cfbbb2a9f354e0c658 (diff)
parent: 47b46fa69db7d569f871e6325c2874d13f336a81 (diff)
download: nextcloud-server-a3e86be8c7a22990f66be651e1198b611a36c34b.tar.gz
nextcloud-server-a3e86be8c7a22990f66be651e1198b611a36c34b.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index f6a6fc3455f..73bd7a711dc 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -80,7 +80,7 @@ class PublicKeyTokenProvider implements IProvider {
 			throw new InvalidTokenException();
 		}
 
-		if ($token->getExpires() !== null && $token->getExpires() < $this->time->getTime()) {
+		if ($token->getExpires() !== null && $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
 			throw new ExpiredTokenException($token);
 		}
author	Roeland Jago Douma <rullzer@users.noreply.github.com>	2018-09-07 13:42:49 +0200
committer	GitHub <noreply@github.com>	2018-09-07 13:42:49 +0200
commit	a3e86be8c7a22990f66be651e1198b611a36c34b (patch)
tree	ce7c431fc70885dd877ac5e6d4799ba29fe39f9f
parent	f14f8cc51e081d04de5927cfbbb2a9f354e0c658 (diff)
parent	47b46fa69db7d569f871e6325c2874d13f336a81 (diff)
download	nextcloud-server-a3e86be8c7a22990f66be651e1198b611a36c34b.tar.gz nextcloud-server-a3e86be8c7a22990f66be651e1198b611a36c34b.zip