diff options
Diffstat (limited to 'lib/private/Authentication/Token/PublicKeyTokenProvider.php')
-rw-r--r-- | lib/private/Authentication/Token/PublicKeyTokenProvider.php | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index d7e9038a076..1c5f3da147f 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -134,9 +134,14 @@ class PublicKeyTokenProvider implements IProvider { public function renewSessionToken(string $oldSessionId, string $sessionId) { $token = $this->getToken($oldSessionId); + if (!($token instanceof PublicKeyToken)) { + throw new InvalidTokenException(); + } + $password = null; if (!is_null($token->getPassword())) { - $password = $this->decryptPassword($token->getPassword(), $oldSessionId); + $privateKey = $this->decrypt($token->getPrivateKey(), $oldSessionId); + $password = $this->decryptPassword($token->getPassword(), $privateKey); } $this->generateToken( @@ -198,6 +203,10 @@ class PublicKeyTokenProvider implements IProvider { throw new InvalidTokenException(); } + if ($token->getPassword() === null) { + throw new PasswordlessTokenException(); + } + // Decrypt private key with tokenId $privateKey = $this->decrypt($token->getPrivateKey(), $tokenId); |