Add a const for the max user password length

Signed-off-by: Joas Schilling <coding@schilljs.com>

5 files changed, 13 insertions, 6 deletions

diff --git a/apps/provisioning_api/lib/Controller/UsersController.php b/apps/provisioning_api/lib/Controller/UsersController.php
index 434912f32aa..97d66acd2e0 100644
--- a/apps/provisioning_api/lib/Controller/UsersController.php
+++ b/apps/provisioning_api/lib/Controller/UsersController.php
@@ -389,7 +389,7 @@ class UsersController extends AUserData {
 		}
 
 		$generatePasswordResetToken = false;
-		if (strlen($password) > 469) {
+		if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
 			throw new OCSException('Invalid password value', 101);
 		}
 		if ($password === '') {
@@ -889,7 +889,7 @@ class UsersController extends AUserData {
 				break;
 			case self::USER_FIELD_PASSWORD:
 				try {
-					if (strlen($value) > 469) {
+					if (strlen($value) > IUserManager::MAX_PASSWORD_LENGTH) {
 						throw new OCSException('Invalid password value', 102);
 					}
 					if (!$targetUser->canChangePassword()) {
diff --git a/apps/settings/lib/Controller/ChangePasswordController.php b/apps/settings/lib/Controller/ChangePasswordController.php
index a25f0b0e59b..20ec28220a5 100644
--- a/apps/settings/lib/Controller/ChangePasswordController.php
+++ b/apps/settings/lib/Controller/ChangePasswordController.php
@@ -95,7 +95,7 @@ class ChangePasswordController extends Controller {
 		}
 
 		try {
-			if ($newpassword === null || strlen($newpassword) > 469 || $user->setPassword($newpassword) === false) {
+			if ($newpassword === null || strlen($newpassword) > IUserManager::MAX_PASSWORD_LENGTH || $user->setPassword($newpassword) === false) {
 				return new JSONResponse([
 					'status' => 'error',
 					'data' => [
@@ -146,7 +146,7 @@ class ChangePasswordController extends Controller {
 			]);
 		}
 
-		if (strlen($password) > 469) {
+		if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
 			return new JSONResponse([
 				'status' => 'error',
 				'data' => [
diff --git a/core/Controller/LostController.php b/core/Controller/LostController.php
index e7960dbcef5..6176e3cd5e5 100644
--- a/core/Controller/LostController.php
+++ b/core/Controller/LostController.php
@@ -240,7 +240,7 @@ class LostController extends Controller {
 			$this->eventDispatcher->dispatchTyped(new BeforePasswordResetEvent($user, $password));
 			\OC_Hook::emit('\OC\Core\LostPassword\Controller\LostController', 'pre_passwordReset', ['uid' => $userId, 'password' => $password]);
 
-			if (strlen($password) > 469) {
+			if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
 				throw new HintException('Password too long', $this->l10n->t('Password is too long. Maximum allowed length is 469 characters.'));
 			}
 
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index c7e29568383..d00d3e41539 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -40,6 +40,7 @@ use OCP\AppFramework\Db\DoesNotExistException;
 use OCP\AppFramework\Utility\ITimeFactory;
 use OCP\IConfig;
 use OCP\IDBConnection;
+use OCP\IUserManager;
 use OCP\Security\ICrypto;
 use Psr\Log\LoggerInterface;
 
@@ -397,7 +398,7 @@ class PublicKeyTokenProvider implements IProvider {
 		$dbToken->setPrivateKey($this->encrypt($privateKey, $token));
 
 		if (!is_null($password) && $this->config->getSystemValueBool('auth.storeCryptedPassword', true)) {
-			if (strlen($password) > 469) {
+			if (strlen($password) > IUserManager::MAX_PASSWORD_LENGTH) {
 				throw new \RuntimeException('Trying to save a password with more than 469 characters is not supported. If you want to use big passwords, disable the auth.storeCryptedPassword option in config.php');
 			}
 			$dbToken->setPassword($this->encryptPassword($password, $publicKey));
diff --git a/lib/public/IUserManager.php b/lib/public/IUserManager.php
index 8caa027468b..151c153917f 100644
--- a/lib/public/IUserManager.php
+++ b/lib/public/IUserManager.php
@@ -46,6 +46,12 @@ namespace OCP;
  * @since 8.0.0
  */
 interface IUserManager {
+
+	/**
+	 * @since 26.0.0
+	 */
+	public const MAX_PASSWORD_LENGTH = 469;
+
 	/**
 	 * register a user backend
 	 *