1 files changed, 7 insertions, 6 deletions

diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php
index 927c1c29f63..3330eb90230 100644
--- a/lib/private/Authentication/LoginCredentials/Store.php
+++ b/lib/private/Authentication/LoginCredentials/Store.php
@@ -8,6 +8,7 @@ declare(strict_types=1);
  */
 namespace OC\Authentication\LoginCredentials;
 
+use Exception;
 use OC\Authentication\Exceptions\PasswordlessTokenException;
 use OC\Authentication\Token\IProvider;
 use OCP\Authentication\Exceptions\CredentialsUnavailableException;
@@ -30,17 +31,13 @@ class Store implements IStore {
 	/** @var IProvider|null */
 	private $tokenProvider;
 
-	/** @var ICrypto */
-	private $crypto;
-
 	public function __construct(ISession $session,
 		LoggerInterface $logger,
-		ICrypto $crypto,
+		private readonly ICrypto $crypto,
 		?IProvider $tokenProvider = null) {
 		$this->session = $session;
 		$this->logger = $logger;
 		$this->tokenProvider = $tokenProvider;
-		$this->crypto = $crypto;
 
 		Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
 	}
@@ -98,7 +95,11 @@ class Store implements IStore {
 		if ($trySession && $this->session->exists('login_credentials')) {
 			/** @var array $creds */
 			$creds = json_decode($this->session->get('login_credentials'), true);
-			$creds['password'] = $this->crypto->decrypt($creds['password']);
+			try {
+				$creds['password'] = $this->crypto->decrypt($creds['password']);
+			} catch (Exception $e) {
+				//decryption failed, continue with old password as it is
+			}
 			return new Credentials(
 				$creds['uid'],
 				$creds['loginName'] ?? $this->session->get('loginname') ?? $creds['uid'], // Pre 20 didn't have a loginName property, hence fall back to the session value and then to the UID