From 47b46fa69db7d569f871e6325c2874d13f336a81 Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Fri, 7 Sep 2018 10:01:31 +0200
Subject: Expire tokens hardening

Just to be sure that the field is also not 0

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 lib/private/Authentication/Token/PublicKeyTokenProvider.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index f6a6fc3455f..73bd7a711dc 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -80,7 +80,7 @@ class PublicKeyTokenProvider implements IProvider {
 			throw new InvalidTokenException();
 		}
 
-		if ($token->getExpires() !== null && $token->getExpires() < $this->time->getTime()) {
+		if ($token->getExpires() !== null && $token->getExpires() !== 0 && $token->getExpires() < $this->time->getTime()) {
 			throw new ExpiredTokenException($token);
 		}
 
-- 
cgit v1.2.3