diff options
| author | Christoph Wurst <ChristophWurst@users.noreply.github.com> | 2022-04-04 11:46:17 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-04 11:46:17 +0200 |
| commit | 498d3aea060ed496e2b5351108718e198b021d00 (patch) | |
| tree | 025b66100b00a8985606eee48d5c1153e7b510bd /core | |
| parent | 43220c6393d6a1fca722b28c062f176968088802 (diff) | |
| parent | 515235163c935c5e9f45513028f1e83444010015 (diff) | |
| download | nextcloud-server-498d3aea060ed496e2b5351108718e198b021d00.tar.gz nextcloud-server-498d3aea060ed496e2b5351108718e198b021d00.zip | |
Merge pull request #31687 from nextcloud/enhancement/passwordless-app-passwords
Allow app passwords without login password for occ user:add-app-password
Diffstat (limited to 'core')
| -rw-r--r-- | core/Command/User/AddAppPassword.php | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/core/Command/User/AddAppPassword.php b/core/Command/User/AddAppPassword.php index 7a2270e20b1..65b572533f5 100644 --- a/core/Command/User/AddAppPassword.php +++ b/core/Command/User/AddAppPassword.php @@ -1,4 +1,7 @@ <?php + +declare(strict_types=1); + /** * @copyright Copyright (c) 2020, NextCloud, Inc. * @@ -41,10 +44,13 @@ class AddAppPassword extends Command { /** @var IUserManager */ protected $userManager; + /** @var IProvider */ protected $tokenProvider; + /** @var ISecureRandom */ private $random; + /** @var IEventDispatcher */ private $eventDispatcher; @@ -72,13 +78,14 @@ class AddAppPassword extends Command { 'password-from-env', null, InputOption::VALUE_NONE, - 'read password from environment variable NC_PASS/OC_PASS' + 'Read password from environment variable NC_PASS/OC_PASS. Alternatively it will be asked for interactively or an app password without the login password will be created.' ) ; } protected function execute(InputInterface $input, OutputInterface $output): int { $username = $input->getArgument('user'); + $password = null; $user = $this->userManager->get($username); if (is_null($user)) { @@ -98,18 +105,13 @@ class AddAppPassword extends Command { $question = new Question('Enter the user password: '); $question->setHidden(true); + /** @var null|string $password */ $password = $helper->ask($input, $output, $question); - - if ($password === null) { - $output->writeln("<error>Password cannot be empty!</error>"); - return 1; - } - } else { - $output->writeln("<error>Interactive input or --password-from-env is needed for entering a new password!</error>"); - return 1; } - $output->writeln('<comment>The password has not been validated, some features might not work as intended.</comment>'); + if ($password === null) { + $output->writeln('<info>No password provided. The generated app password will therefore have limited capabilities. Any operation that requires the login password will fail.</info>'); + } $token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS); $generatedToken = $this->tokenProvider->generateToken( |