authorSergej Nikolaev <kinolaev@gmail.com>2019-10-04 03:28:48 +0300
committerJohn Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>2019-10-05 10:28:47 +0200
commit9aa992e60b63a80188a5bdf4106b746fd8fef19c (patch)
treee293463abb19c014c8a4b41e49a31056af173d80 /apps
parent87ad219dafd60b9b733a03a34404ab828b195cdb (diff)
fix updating and deleting authtokens
Signed-off-by: Sergej Nikolaev <kinolaev@gmail.com>
Diffstat (limited to 'apps')
-rw-r--r--apps/settings/lib/Controller/AuthSettingsController.php8
-rw-r--r--apps/settings/tests/Controller/AuthSettingsControllerTest.php45
2 files changed, 51 insertions, 2 deletions
diff --git a/apps/settings/lib/Controller/AuthSettingsController.php b/apps/settings/lib/Controller/AuthSettingsController.php
index b948cd5065d..8325c911283 100644
--- a/apps/settings/lib/Controller/AuthSettingsController.php
+++ b/apps/settings/lib/Controller/AuthSettingsController.php
@@ -29,6 +29,7 @@ namespace OCA\Settings\Controller;
use BadMethodCallException;
use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\ExpiredTokenException;
use OC\Authentication\Exceptions\PasswordlessTokenException;
use OC\Authentication\Exceptions\WipeTokenException;
use OC\Authentication\Token\INamedToken;
@@ -259,10 +260,13 @@ class AuthSettingsController extends Controller {
* @param int $id
* @return IToken
* @throws InvalidTokenException
- * @throws \OC\Authentication\Exceptions\ExpiredTokenException
*/
private function findTokenByIdAndUser(int $id): IToken {
- $token = $this->tokenProvider->getTokenById($id);
+ try {
+ $token = $this->tokenProvider->getTokenById($id);
+ } catch (ExpiredTokenException $e) {
+ $token = $e->getToken();
+ }
if ($token->getUID() !== $this->uid) {
throw new InvalidTokenException('This token does not belong to you!');
}
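Review bot: The new `catch (ExpiredTokenException $e)` branch in `findTokenByIdAndUser` makes an expired token an ordinary return value, and with the `@throws` line removed nothing in the docblock tells a future caller that the result may be expired. Because this helper is the ownership gate for token management, I would state the intent next to the catch, e.g. `// Expired tokens are returned on purpose so the owner can still rename or revoke them; the result says nothing about token validity.` The UID comparison still runs on the token taken from `$e->getToken()`, which is the important part. Whether any caller other than update and destroy relied on the old exception cannot be seen here, since the function body continues past the end of the hunk.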
diff --git a/apps/settings/tests/Controller/AuthSettingsControllerTest.php b/apps/settings/tests/Controller/AuthSettingsControllerTest.php
index 88913b1f03f..40000e19171 100644
--- a/apps/settings/tests/Controller/AuthSettingsControllerTest.php
+++ b/apps/settings/tests/Controller/AuthSettingsControllerTest.php
@@ -23,6 +23,7 @@ namespace Test\Settings\Controller;
use OC\AppFramework\Http;
use OC\Authentication\Exceptions\InvalidTokenException;
+use OC\Authentication\Exceptions\ExpiredTokenException;
use OC\Authentication\Token\DefaultToken;
use OC\Authentication\Token\IProvider;
use OC\Authentication\Token\IToken;
@@ -188,6 +189,30 @@ class AuthSettingsControllerTest extends TestCase {
$this->assertEquals([], $this->controller->destroy($tokenId));
}
+ public function testDestroyExpired() {
+ $tokenId = 124;
+ $token = $this->createMock(DefaultToken::class);
+
+ $token->expects($this->exactly(2))
+ ->method('getId')
+ ->willReturn($tokenId);
+
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn($this->uid);
+
+ $this->tokenProvider->expects($this->once())
+ ->method('getTokenById')
+ ->with($this->equalTo($tokenId))
+ ->willThrowException(new ExpiredTokenException($token));
+
+ $this->tokenProvider->expects($this->once())
+ ->method('invalidateTokenById')
+ ->with($this->uid, $tokenId);
+
+ $this->assertSame([], $this->controller->destroy($tokenId));
+ }
+
public function testDestroyWrongUser() {
$tokenId = 124;
$token = $this->createMock(DefaultToken::class);
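Review bot: `testDestroyExpired` only covers an expired token owned by the current user, so the ownership check on the token recovered from `ExpiredTokenException` is never exercised for a foreign token; `testUpdateExpired` in the next hunk has the same gap. That path is the one where a regression would let one user revoke or modify another user's expired token, so it deserves a negative test for both destroy and update. A sketch for the destroy case is below; the UID is a constructed value and the final assertion should mirror what `testDestroyWrongUser` expects, which is cut off at the end of this hunk.

```php
public function testDestroyExpiredWrongUser() {
	$tokenId = 124;
	$token = $this->createMock(DefaultToken::class);

	$token->expects($this->once())
		->method('getUID')
		->willReturn('someone-else'); // constructed value, must differ from $this->uid

	$this->tokenProvider->expects($this->once())
		->method('getTokenById')
		->with($this->equalTo($tokenId))
		->willThrowException(new ExpiredTokenException($token));

	// A foreign expired token must never reach the provider's invalidate call.
	$this->tokenProvider->expects($this->never())
		->method('invalidateTokenById');

	$response = $this->controller->destroy($tokenId);
	// … assert the same response that testDestroyWrongUser expects …
}
```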
@@ -320,6 +345,26 @@ class AuthSettingsControllerTest extends TestCase {
$this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
}
+ public function testUpdateExpired() {
+ $tokenId = 42;
+ $token = $this->createMock(DefaultToken::class);
+
+ $token->expects($this->once())
+ ->method('getUID')
+ ->willReturn($this->uid);
+
+ $this->tokenProvider->expects($this->once())
+ ->method('getTokenById')
+ ->with($this->equalTo($tokenId))
+ ->willThrowException(new ExpiredTokenException($token));
+
+ $this->tokenProvider->expects($this->once())
+ ->method('updateToken')
+ ->with($this->equalTo($token));
+
+ $this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
+ }
+
public function testUpdateTokenWrongUser() {
$tokenId = 42;
$token = $this->createMock(DefaultToken::class);