diff options
3 files changed, 31 insertions, 14 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index 926e3c678d4..5c97877e730 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -215,9 +215,19 @@ class PublicKeyTokenProvider implements IProvider { } public function setPassword(IToken $token, string $tokenId, string $password) { - // Kill all temp tokens except the current token + if (!($token instanceof PublicKeyToken)) { + throw new InvalidTokenException(); + } + + // Update the password for all tokens + $tokens = $this->mapper->getTokenByUser($token->getUID()); + foreach ($tokens as $t) { + $publicKey = $token->getPublicKey(); + $t->setPassword($this->encryptPassword($password, $publicKey)); + $this->updateToken($t); + } - // Update pass for all permanent tokens by rencrypting + //TODO: should we also do this for temp tokens? } public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken { diff --git a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php index 95b5b928559..58e152457fc 100644 --- a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php +++ b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php @@ -132,13 +132,12 @@ class DefaultTokenProviderTest extends TestCase { } public function testGetTokenByUser() { - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('getTokenByUser') - ->with($user) + ->with('uid') ->will($this->returnValue(['token'])); - $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser($user)); + $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser('uid')); } public function testGetPassword() { @@ -243,13 +242,12 @@ class DefaultTokenProviderTest extends TestCase { public function testInvaildateTokenById() { $id = 123; - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('deleteById') - ->with($user, $id); + ->with('uid', $id); - $this->tokenProvider->invalidateTokenById($user, $id); + $this->tokenProvider->invalidateTokenById('uid', $id); } public function testInvalidateOldTokens() { diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php index 4901001db99..d5cfe5d1ee6 100644 --- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php +++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php @@ -121,13 +121,12 @@ class PublicKeyTokenProviderTest extends TestCase { } public function testGetTokenByUser() { - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('getTokenByUser') - ->with($user) + ->with('uid') ->will($this->returnValue(['token'])); - $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser($user)); + $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser('uid')); } public function testGetPassword() { @@ -189,7 +188,18 @@ class PublicKeyTokenProviderTest extends TestCase { $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); + $this->mapper->method('getTokenByUser') + ->with('user') + ->willReturn([$actual]); + $newpass = 'newpass'; + $this->mapper->expects($this->once()) + ->method('update') + ->with($this->callback(function ($token) use ($newpass) { + return $newpass === $this->tokenProvider->getPassword($token, 'token'); + })); + + $this->tokenProvider->setPassword($actual, $token, $newpass); $this->assertSame($newpass, $this->tokenProvider->getPassword($actual, 'token')); @@ -216,13 +226,12 @@ class PublicKeyTokenProviderTest extends TestCase { public function testInvaildateTokenById() { $id = 123; - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('deleteById') - ->with($user, $id); + ->with('uid', $id); - $this->tokenProvider->invalidateTokenById($user, $id); + $this->tokenProvider->invalidateTokenById('uid', $id); } public function testInvalidateOldTokens() { |