diff options
| author | Joas Schilling <coding@schilljs.com> | 2022-03-22 10:51:54 +0100 |
|---|---|---|
| committer | Joas Schilling <coding@schilljs.com> | 2022-03-23 10:47:56 +0100 |
| commit | a0c7798c7dd0ec537a6ed3b964103a9ad94d2040 (patch) | |
| tree | 9e68e05927644e5b382420ed5dabdbbd5688c569 /apps/settings/lib/Controller | |
| parent | 0fa17f8902e7391f189227b406a0058af6c4a4e0 (diff) | |
| download | nextcloud-server-a0c7798c7dd0ec537a6ed3b964103a9ad94d2040.tar.gz nextcloud-server-a0c7798c7dd0ec537a6ed3b964103a9ad94d2040.zip | |
Limit the length of app password names
Signed-off-by: Joas Schilling <coding@schilljs.com>
Diffstat (limited to 'apps/settings/lib/Controller')
| -rw-r--r-- | apps/settings/lib/Controller/AuthSettingsController.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/apps/settings/lib/Controller/AuthSettingsController.php b/apps/settings/lib/Controller/AuthSettingsController.php index 3255fcce56e..38db7be1e91 100644 --- a/apps/settings/lib/Controller/AuthSettingsController.php +++ b/apps/settings/lib/Controller/AuthSettingsController.php @@ -145,6 +145,10 @@ class AuthSettingsController extends Controller { return $this->getServiceNotAvailableResponse(); } + if (mb_strlen($name) > 128) { + $name = mb_substr($name, 0, 120) . '…'; + } + $token = $this->generateRandomDeviceToken(); $deviceToken = $this->tokenProvider->generateToken($token, $this->uid, $loginName, $password, $name, IToken::PERMANENT_TOKEN); $tokenData = $deviceToken->jsonSerialize(); @@ -241,6 +245,10 @@ class AuthSettingsController extends Controller { $this->publishActivity($scope['filesystem'] ? Provider::APP_TOKEN_FILESYSTEM_GRANTED : Provider::APP_TOKEN_FILESYSTEM_REVOKED, $token->getId(), ['name' => $currentName]); } + if (mb_strlen($name) > 128) { + $name = mb_substr($name, 0, 120) . '…'; + } + if ($token instanceof INamedToken && $name !== $currentName) { $token->setName($name); $this->publishActivity(Provider::APP_TOKEN_RENAMED, $token->getId(), ['name' => $currentName, 'newName' => $name]); |