diff options
| author | Louis <louis@chmn.me> | 2025-03-03 10:06:27 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-03 10:06:27 +0100 |
| commit | afae742a2b7ccc75a7b2a1380b8d9491a971f123 (patch) | |
| tree | 1bd6a128ce78c3f69ebba17f7ad8d11a40e3d1ba /lib | |
| parent | 2dfc9eae17d4599f65ae8f4240fc8144485261f9 (diff) | |
| parent | 68f86b3066e1c1070a32aba97a51096188a432aa (diff) | |
| download | nextcloud-server-afae742a2b7ccc75a7b2a1380b8d9491a971f123.tar.gz nextcloud-server-afae742a2b7ccc75a7b2a1380b8d9491a971f123.zip | |
Merge pull request #51095 from nextcloud/artonge/fix/epehmeral_sessions
fix(login): Ephemeral sessions
Diffstat (limited to 'lib')
3 files changed, 11 insertions, 7 deletions
diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index e1a2fefc55a..b6e2df4ce7b 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -217,12 +217,7 @@ class DIContainer extends SimpleContainer implements IAppContainer { ) ); - $dispatcher->registerMiddleware( - new FlowV2EphemeralSessionsMiddleware( - $c->get(ISession::class), - $c->get(IUserSession::class), - ) - ); + $dispatcher->registerMiddleware($c->get(FlowV2EphemeralSessionsMiddleware::class)); $securityMiddleware = new SecurityMiddleware( $c->get(IRequest::class), diff --git a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php index b3e406adf22..461a8f91884 100644 --- a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php +++ b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php @@ -7,6 +7,7 @@ declare(strict_types=1); */ namespace OC\AppFramework\Middleware; +use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Core\Controller\ClientFlowLoginV2Controller; use OCP\AppFramework\Controller; use OCP\AppFramework\Middleware; @@ -20,6 +21,7 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware { public function __construct( private ISession $session, private IUserSession $userSession, + private ControllerMethodReflector $reflector, ) { } @@ -40,6 +42,10 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware { return; } + if ($this->reflector->hasAnnotation('PublicPage')) { + return; + } + $this->userSession->logout(); $this->session->close(); } diff --git a/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php b/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php index b215df1523f..82dd829334d 100644 --- a/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php +++ b/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php @@ -10,15 +10,18 @@ namespace OC\Authentication\Login; use OC\Core\Controller\ClientFlowLoginV2Controller; use OCP\ISession; +use OCP\IURLGenerator; class FlowV2EphemeralSessionsCommand extends ALoginCommand { public function __construct( private ISession $session, + private IURLGenerator $urlGenerator, ) { } public function process(LoginData $loginData): LoginResult { - if (str_starts_with($loginData->getRedirectUrl() ?? '', '/login/v2/grant')) { + $loginV2GrantRoute = $this->urlGenerator->linkToRoute('core.ClientFlowLoginV2.grantPage'); + if (str_starts_with($loginData->getRedirectUrl() ?? '', $loginV2GrantRoute)) { $this->session->set(ClientFlowLoginV2Controller::EPHEMERAL_NAME, true); } |