From 4bbc21cb216c51ab22f31089c9c09a3dec8980dc Mon Sep 17 00:00:00 2001
From: Roeland Jago Douma <roeland@famdouma.nl>
Date: Tue, 29 May 2018 12:18:10 +0200
Subject: SetPassword on PublicKeyTokens

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
---
 .../Authentication/Token/PublicKeyTokenProvider.php        | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'lib/private/Authentication/Token/PublicKeyTokenProvider.php')

diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index 926e3c678d4..5c97877e730 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -215,9 +215,19 @@ class PublicKeyTokenProvider implements IProvider {
 	}
 
 	public function setPassword(IToken $token, string $tokenId, string $password) {
-		// Kill all temp tokens except the current token
+		if (!($token instanceof PublicKeyToken)) {
+			throw new InvalidTokenException();
+		}
+
+		// Update the password for all tokens
+		$tokens = $this->mapper->getTokenByUser($token->getUID());
+		foreach ($tokens as $t) {
+			$publicKey = $token->getPublicKey();
+			$t->setPassword($this->encryptPassword($password, $publicKey));
+			$this->updateToken($t);
+		}
 
-		// Update pass for all permanent tokens by rencrypting
+		//TODO: should we also do this for temp tokens?
 	}
 
 	public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken {
-- 
cgit v1.2.3