summaryrefslogtreecommitdiffstats
path: root/lib/private/Authentication/Token
diff options
context:
space:
mode:
authorRoeland Jago Douma <roeland@famdouma.nl>2018-05-29 09:24:20 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2018-06-18 22:11:54 +0200
commit1f17010e0b4099b41cc72f53e18f4d162ce2e3da (patch)
tree15b967e14471e5f897e31137506edc80b4a393a2 /lib/private/Authentication/Token
parent02e0af12871ade04c8dc2cc06d683fcb67fa5363 (diff)
downloadnextcloud-server-1f17010e0b4099b41cc72f53e18f4d162ce2e3da.tar.gz
nextcloud-server-1f17010e0b4099b41cc72f53e18f4d162ce2e3da.zip
Add first tests
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'lib/private/Authentication/Token')
-rw-r--r--lib/private/Authentication/Token/PublicKeyTokenProvider.php11
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index d7e9038a076..1c5f3da147f 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -134,9 +134,14 @@ class PublicKeyTokenProvider implements IProvider {
public function renewSessionToken(string $oldSessionId, string $sessionId) {
$token = $this->getToken($oldSessionId);
+ if (!($token instanceof PublicKeyToken)) {
+ throw new InvalidTokenException();
+ }
+
$password = null;
if (!is_null($token->getPassword())) {
- $password = $this->decryptPassword($token->getPassword(), $oldSessionId);
+ $privateKey = $this->decrypt($token->getPrivateKey(), $oldSessionId);
+ $password = $this->decryptPassword($token->getPassword(), $privateKey);
}
$this->generateToken(
@@ -198,6 +203,10 @@ class PublicKeyTokenProvider implements IProvider {
throw new InvalidTokenException();
}
+ if ($token->getPassword() === null) {
+ throw new PasswordlessTokenException();
+ }
+
// Decrypt private key with tokenId
$privateKey = $this->decrypt($token->getPrivateKey(), $tokenId);