diff options
| author | Christoph Wurst <ChristophWurst@users.noreply.github.com> | 2021-10-11 10:54:33 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-10-11 10:54:33 +0200 |
| commit | 4a1a9d6821fa61885080793ab34cdb9f4d2d0057 (patch) | |
| tree | e71903c9e5f5c0ab98d82ad062a00d86133740d0 /lib | |
| parent | 48d7e45f5c827d702e430b0952f2db3a95820a9e (diff) | |
| parent | 508fe1899c42c67ca5d9084f4360e0480c735a14 (diff) | |
| download | nextcloud-server-4a1a9d6821fa61885080793ab34cdb9f4d2d0057.tar.gz nextcloud-server-4a1a9d6821fa61885080793ab34cdb9f4d2d0057.zip | |
Merge pull request #29122 from nextcloud/bugfix/noid/apache-auth-apptoken
Tokens without password should not trigger changed password invalidation
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/private/Authentication/Token/DefaultTokenProvider.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/Authentication/Token/DefaultTokenProvider.php b/lib/private/Authentication/Token/DefaultTokenProvider.php index a5fabdbeae2..a60c8b85b08 100644 --- a/lib/private/Authentication/Token/DefaultTokenProvider.php +++ b/lib/private/Authentication/Token/DefaultTokenProvider.php @@ -224,7 +224,7 @@ class DefaultTokenProvider implements IProvider { */ public function getPassword(IToken $savedToken, string $tokenId): string { $password = $savedToken->getPassword(); - if (is_null($password)) { + if ($password === null || $password === '') { throw new PasswordlessTokenException(); } return $this->decryptPassword($password, $tokenId); |