Diffstat (limited to 'lib/private/Security')
-rw-r--r--lib/private/Security/Bruteforce/Throttler.php26
-rw-r--r--lib/private/Security/Hasher.php8
-rw-r--r--lib/private/Security/Signature/Model/SignedRequest.php4
-rw-r--r--lib/private/Security/VerificationToken/VerificationToken.php6
4 files changed, 23 insertions, 21 deletions
diff --git a/lib/private/Security/Bruteforce/Throttler.php b/lib/private/Security/Bruteforce/Throttler.php
index 065f720ba72..574f6c80c3f 100644
--- a/lib/private/Security/Bruteforce/Throttler.php
+++ b/lib/private/Security/Bruteforce/Throttler.php
@@ -206,25 +206,27 @@ class Throttler implements IThrottler {
* {@inheritDoc}
*/
public function sleepDelayOrThrowOnMax(string $ip, string $action = ''): int {
- $attempts = $this->getAttempts($ip, $action, 0.5);
- if ($attempts > $this->config->getSystemValueInt('auth.bruteforce.max-attempts', self::MAX_ATTEMPTS)) {
- $this->logger->info('IP address blocked because it reached the maximum failed attempts in the last 30 minutes [action: {action}, attempts: {attempts}, ip: {ip}]', [
- 'action' => $action,
- 'ip' => $ip,
- 'attempts' => $attempts,
- ]);
- // If the ip made too many attempts within the last 30 mins we don't execute anymore
- throw new MaxDelayReached('Reached maximum delay');
- }
-
+ $maxAttempts = $this->config->getSystemValueInt('auth.bruteforce.max-attempts', self::MAX_ATTEMPTS);
$attempts = $this->getAttempts($ip, $action);
- if ($attempts > 10) {
+ if ($attempts > $maxAttempts) {
+ $attempts30mins = $this->getAttempts($ip, $action, 0.5);
+ if ($attempts30mins > $maxAttempts) {
+ $this->logger->info('IP address blocked because it reached the maximum failed attempts in the last 30 minutes [action: {action}, attempts: {attempts}, ip: {ip}]', [
+ 'action' => $action,
+ 'ip' => $ip,
+ 'attempts' => $attempts30mins,
+ ]);
+ // If the ip made too many attempts within the last 30 mins we don't execute anymore
+ throw new MaxDelayReached('Reached maximum delay');
+ }
+
$this->logger->info('IP address throttled because it reached the attempts limit in the last 12 hours [action: {action}, attempts: {attempts}, ip: {ip}]', [
'action' => $action,
'ip' => $ip,
'attempts' => $attempts,
]);
}
+
if ($attempts > 0) {
return $this->calculateDelay($attempts);
}
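Review bot: The 12-hour "IP address throttled" log now fires at `$attempts > $maxAttempts` instead of the previous fixed `> 10`, so wherever `auth.bruteforce.max-attempts` is configured above 10, addresses that are already being delayed by `calculateDelay()` no longer appear in the log until they cross the higher limit. If the logging threshold is meant to follow the blocking threshold, that should be stated; otherwise keep a separate value for the throttle log so this detection signal is not lost. Skipping the 30-minute query is only correct while the default window of `getAttempts()` contains the last 30 minutes (the log text suggests 12 hours, but the default is not visible here). A comment above the inner call would record that assumption, for example `// the 30-minute count cannot exceed the default-window count, so it is only queried once that one is over the limit`. The body of `sleepDelayOrThrowOnMax` continues past the end of the hunk.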
diff --git a/lib/private/Security/Hasher.php b/lib/private/Security/Hasher.php
index ba661f5a356..722fdab902f 100644
--- a/lib/private/Security/Hasher.php
+++ b/lib/private/Security/Hasher.php
@@ -106,8 +106,8 @@ class Hasher implements IHasher {
// Verify whether it matches a legacy PHPass or SHA1 string
$hashLength = \strlen($hash);
- if (($hashLength === 60 && password_verify($message . $this->legacySalt, $hash)) ||
- ($hashLength === 40 && hash_equals($hash, sha1($message)))) {
+ if (($hashLength === 60 && password_verify($message . $this->legacySalt, $hash))
+ || ($hashLength === 40 && hash_equals($hash, sha1($message)))) {
$newHash = $this->hash($message);
return true;
}
@@ -115,8 +115,8 @@ class Hasher implements IHasher {
// Verify whether it matches a legacy PHPass or SHA1 string
// Retry with empty passwordsalt for cases where it was not set
$hashLength = \strlen($hash);
- if (($hashLength === 60 && password_verify($message, $hash)) ||
- ($hashLength === 40 && hash_equals($hash, sha1($message)))) {
+ if (($hashLength === 60 && password_verify($message, $hash))
+ || ($hashLength === 40 && hash_equals($hash, sha1($message)))) {
$newHash = $this->hash($message);
return true;
}
diff --git a/lib/private/Security/Signature/Model/SignedRequest.php b/lib/private/Security/Signature/Model/SignedRequest.php
index f30935e83b1..12a43f32bcc 100644
--- a/lib/private/Security/Signature/Model/SignedRequest.php
+++ b/lib/private/Security/Signature/Model/SignedRequest.php
@@ -74,8 +74,8 @@ class SignedRequest implements ISignedRequest, JsonSerializable {
*/
public function getDigest(): string {
if ($this->digest === '') {
- $this->digest = $this->digestAlgorithm->value . '=' .
- base64_encode(hash($this->digestAlgorithm->getHashingAlgorithm(), $this->body, true));
+ $this->digest = $this->digestAlgorithm->value . '='
+ . base64_encode(hash($this->digestAlgorithm->getHashingAlgorithm(), $this->body, true));
}
return $this->digest;
}
diff --git a/lib/private/Security/VerificationToken/VerificationToken.php b/lib/private/Security/VerificationToken/VerificationToken.php
index 1995b482597..89f45180359 100644
--- a/lib/private/Security/VerificationToken/VerificationToken.php
+++ b/lib/private/Security/VerificationToken/VerificationToken.php
@@ -85,9 +85,9 @@ class VerificationToken implements IVerificationToken {
): string {
$token = $this->secureRandom->generate(
21,
- ISecureRandom::CHAR_DIGITS .
- ISecureRandom::CHAR_LOWER .
- ISecureRandom::CHAR_UPPER
+ ISecureRandom::CHAR_DIGITS
+ . ISecureRandom::CHAR_LOWER
+ . ISecureRandom::CHAR_UPPER
);
$tokenValue = $this->timeFactory->getTime() . ':' . $token;
$encryptedValue = $this->crypto->encrypt($tokenValue, $passwordPrefix . $this->config->getSystemValueString('secret'));