diff options
author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-05-29 09:24:20 +0200 |
---|---|---|
committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-06-18 22:11:54 +0200 |
commit | 1f17010e0b4099b41cc72f53e18f4d162ce2e3da (patch) | |
tree | 15b967e14471e5f897e31137506edc80b4a393a2 /lib/private/Authentication/Token | |
parent | 02e0af12871ade04c8dc2cc06d683fcb67fa5363 (diff) | |
download | nextcloud-server-1f17010e0b4099b41cc72f53e18f4d162ce2e3da.tar.gz nextcloud-server-1f17010e0b4099b41cc72f53e18f4d162ce2e3da.zip |
Add first tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib/private/Authentication/Token')
-rw-r--r-- | lib/private/Authentication/Token/PublicKeyTokenProvider.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index d7e9038a076..1c5f3da147f 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -134,9 +134,14 @@ class PublicKeyTokenProvider implements IProvider { public function renewSessionToken(string $oldSessionId, string $sessionId) { $token = $this->getToken($oldSessionId); + if (!($token instanceof PublicKeyToken)) { + throw new InvalidTokenException(); + } + $password = null; if (!is_null($token->getPassword())) { - $password = $this->decryptPassword($token->getPassword(), $oldSessionId); + $privateKey = $this->decrypt($token->getPrivateKey(), $oldSessionId); + $password = $this->decryptPassword($token->getPassword(), $privateKey); } $this->generateToken( @@ -198,6 +203,10 @@ class PublicKeyTokenProvider implements IProvider { throw new InvalidTokenException(); } + if ($token->getPassword() === null) { + throw new PasswordlessTokenException(); + } + // Decrypt private key with tokenId $privateKey = $this->decrypt($token->getPrivateKey(), $tokenId); |