diff options
author | Roeland Jago Douma <rullzer@users.noreply.github.com> | 2020-09-04 09:04:15 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-09-04 09:04:15 +0200 |
commit | 6117a82ae366ab5110f90bcb49378d2f0ce25f46 (patch) | |
tree | 3f3961c37bb48cf3d56f033e531c685c2f549e2a /lib | |
parent | 77edd1e11d57c13e7df9050e79b82051ba357a02 (diff) | |
parent | ebd2b0d3dd49a5d9f2cb328473188b7190e2d656 (diff) | |
download | nextcloud-server-6117a82ae366ab5110f90bcb49378d2f0ce25f46.tar.gz nextcloud-server-6117a82ae366ab5110f90bcb49378d2f0ce25f46.zip |
Merge pull request #22569 from nextcloud/backport/22524/stable19
[stable19] Fix app password updating out of bounds
Diffstat (limited to 'lib')
-rw-r--r-- | lib/composer/composer/autoload_classmap.php | 1 | ||||
-rw-r--r-- | lib/composer/composer/autoload_static.php | 1 | ||||
-rw-r--r-- | lib/private/Authentication/Listeners/UserLoggedInListener.php | 54 | ||||
-rw-r--r-- | lib/private/Authentication/Token/PublicKeyTokenProvider.php | 1 | ||||
-rw-r--r-- | lib/private/Server.php | 3 |
5 files changed, 60 insertions, 0 deletions
diff --git a/lib/composer/composer/autoload_classmap.php b/lib/composer/composer/autoload_classmap.php index 62b137523cf..81fc7601c78 100644 --- a/lib/composer/composer/autoload_classmap.php +++ b/lib/composer/composer/autoload_classmap.php @@ -613,6 +613,7 @@ return array( 'OC\\Authentication\\Listeners\\RemoteWipeNotificationsListener' => $baseDir . '/lib/private/Authentication/Listeners/RemoteWipeNotificationsListener.php', 'OC\\Authentication\\Listeners\\UserDeletedStoreCleanupListener' => $baseDir . '/lib/private/Authentication/Listeners/UserDeletedStoreCleanupListener.php', 'OC\\Authentication\\Listeners\\UserDeletedTokenCleanupListener' => $baseDir . '/lib/private/Authentication/Listeners/UserDeletedTokenCleanupListener.php', + 'OC\\Authentication\\Listeners\\UserLoggedInListener' => $baseDir . '/lib/private/Authentication/Listeners/UserLoggedInListener.php', 'OC\\Authentication\\LoginCredentials\\Credentials' => $baseDir . '/lib/private/Authentication/LoginCredentials/Credentials.php', 'OC\\Authentication\\LoginCredentials\\Store' => $baseDir . '/lib/private/Authentication/LoginCredentials/Store.php', 'OC\\Authentication\\Login\\ALoginCommand' => $baseDir . '/lib/private/Authentication/Login/ALoginCommand.php', diff --git a/lib/composer/composer/autoload_static.php b/lib/composer/composer/autoload_static.php index 285a834e5ca..02b476d57ba 100644 --- a/lib/composer/composer/autoload_static.php +++ b/lib/composer/composer/autoload_static.php @@ -642,6 +642,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c 'OC\\Authentication\\Listeners\\RemoteWipeNotificationsListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/RemoteWipeNotificationsListener.php', 'OC\\Authentication\\Listeners\\UserDeletedStoreCleanupListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserDeletedStoreCleanupListener.php', 'OC\\Authentication\\Listeners\\UserDeletedTokenCleanupListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserDeletedTokenCleanupListener.php', + 'OC\\Authentication\\Listeners\\UserLoggedInListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserLoggedInListener.php', 'OC\\Authentication\\LoginCredentials\\Credentials' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Credentials.php', 'OC\\Authentication\\LoginCredentials\\Store' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Store.php', 'OC\\Authentication\\Login\\ALoginCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/ALoginCommand.php', diff --git a/lib/private/Authentication/Listeners/UserLoggedInListener.php b/lib/private/Authentication/Listeners/UserLoggedInListener.php new file mode 100644 index 00000000000..0347b4f5d1f --- /dev/null +++ b/lib/private/Authentication/Listeners/UserLoggedInListener.php @@ -0,0 +1,54 @@ +<?php + +declare(strict_types=1); +/** + * @copyright Copyright (c) 2020, Roeland Jago Douma <roeland@famdouma.nl> + * + * @author Roeland Jago Douma <roeland@famdouma.nl> + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * + */ + +namespace OC\Authentication\Listeners; + +use OC\Authentication\Token\Manager; +use OCP\EventDispatcher\Event; +use OCP\EventDispatcher\IEventListener; +use OCP\User\Events\PostLoginEvent; + +class UserLoggedInListener implements IEventListener { + + /** @var Manager */ + private $manager; + + public function __construct(Manager $manager) { + $this->manager = $manager; + } + + public function handle(Event $event): void { + if (!($event instanceof PostLoginEvent)) { + return; + } + + // If this is already a token login there is nothing to do + if ($event->isTokenLogin()) { + return; + } + + $this->manager->updatePasswords($event->getUser()->getUID(), $event->getPassword()); + } +} diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index 664440fe6bb..17d6a351c8e 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -419,6 +419,7 @@ class PublicKeyTokenProvider implements IProvider { foreach ($tokens as $t) { $publicKey = $t->getPublicKey(); $t->setPassword($this->encryptPassword($password, $publicKey)); + $t->setPasswordInvalid(false); $this->updateToken($t); } } diff --git a/lib/private/Server.php b/lib/private/Server.php index da92c647a1d..b1227663c5b 100644 --- a/lib/private/Server.php +++ b/lib/private/Server.php @@ -65,6 +65,7 @@ use OC\AppFramework\Utility\SimpleContainer; use OC\AppFramework\Utility\TimeFactory; use OC\Authentication\Events\LoginFailed; use OC\Authentication\Listeners\LoginFailedListener; +use OC\Authentication\Listeners\UserLoggedInListener; use OC\Authentication\LoginCredentials\Store; use OC\Authentication\Token\IProvider; use OC\Avatar\AvatarManager; @@ -221,6 +222,7 @@ use OCP\User\Events\BeforeUserLoggedInEvent; use OCP\User\Events\BeforeUserLoggedInWithCookieEvent; use OCP\User\Events\BeforeUserLoggedOutEvent; use OCP\User\Events\PasswordUpdatedEvent; +use OCP\User\Events\PostLoginEvent; use OCP\User\Events\UserChangedEvent; use OCP\User\Events\UserCreatedEvent; use OCP\User\Events\UserDeletedEvent; @@ -1429,6 +1431,7 @@ class Server extends ServerContainer implements IServerContainer { /** @var IEventDispatcher $eventDispatched */ $eventDispatched = $this->query(IEventDispatcher::class); $eventDispatched->addServiceListener(LoginFailed::class, LoginFailedListener::class); + $eventDispatched->addServiceListener(PostLoginEvent::class, UserLoggedInListener::class); } /** |