1 files changed, 10 insertions, 6 deletions

diff --git a/apps/files_external/lib/Lib/Auth/Password/UserProvided.php b/apps/files_external/lib/Lib/Auth/Password/UserProvided.php
index fe9fd357b89..b158392f6eb 100644
--- a/apps/files_external/lib/Lib/Auth/Password/UserProvided.php
+++ b/apps/files_external/lib/Lib/Auth/Password/UserProvided.php
@@ -1,4 +1,5 @@
 <?php
+
 /**
  * SPDX-FileCopyrightText: 2018-2024 Nextcloud GmbH and Nextcloud contributors
  * SPDX-FileCopyrightText: 2015 ownCloud, Inc.
@@ -22,12 +23,10 @@ use OCP\Security\ICredentialsManager;
 class UserProvided extends AuthMechanism implements IUserProvided {
 	public const CREDENTIALS_IDENTIFIER_PREFIX = 'password::userprovided/';
 
-	/** @var ICredentialsManager */
-	protected $credentialsManager;
-
-	public function __construct(IL10N $l, ICredentialsManager $credentialsManager) {
-		$this->credentialsManager = $credentialsManager;
-
+	public function __construct(
+		IL10N $l,
+		protected ICredentialsManager $credentialsManager,
+	) {
 		$this
 			->setIdentifier('password::userprovided')
 			->setVisibility(BackendService::VISIBILITY_ADMIN)
@@ -47,6 +46,11 @@ class UserProvided extends AuthMechanism implements IUserProvided {
 	}
 
 	public function saveBackendOptions(IUser $user, $mountId, array $options) {
+		if ($options['password'] === DefinitionParameter::UNMODIFIED_PLACEHOLDER) {
+			$oldCredentials = $this->credentialsManager->retrieve($user->getUID(), $this->getCredentialsIdentifier($mountId));
+			$options['password'] = $oldCredentials['password'];
+		}
+
 		$this->credentialsManager->store($user->getUID(), $this->getCredentialsIdentifier($mountId), [
 			'user' => $options['user'], // explicitly copy the fields we want instead of just passing the entire $options array
 			'password' => $options['password'] // this way we prevent users from being able to modify any other field