From 3fd16de636e6ee32de9bc8c808a9c6eda2523493 Mon Sep 17 00:00:00 2001
From: yemkareems <yemkareems@gmail.com>
Date: Mon, 28 Oct 2024 16:32:57 +0530
Subject: fix: crypto made inline for constructor and decrypt error handled in
 exception

Signed-off-by: yemkareems <yemkareems@gmail.com>
---
 lib/private/Authentication/LoginCredentials/Store.php | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

(limited to 'lib/private/Authentication')

diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php
index 927c1c29f63..3330eb90230 100644
--- a/lib/private/Authentication/LoginCredentials/Store.php
+++ b/lib/private/Authentication/LoginCredentials/Store.php
@@ -8,6 +8,7 @@ declare(strict_types=1);
  */
 namespace OC\Authentication\LoginCredentials;
 
+use Exception;
 use OC\Authentication\Exceptions\PasswordlessTokenException;
 use OC\Authentication\Token\IProvider;
 use OCP\Authentication\Exceptions\CredentialsUnavailableException;
@@ -30,17 +31,13 @@ class Store implements IStore {
 	/** @var IProvider|null */
 	private $tokenProvider;
 
-	/** @var ICrypto */
-	private $crypto;
-
 	public function __construct(ISession $session,
 		LoggerInterface $logger,
-		ICrypto $crypto,
+		private readonly ICrypto $crypto,
 		?IProvider $tokenProvider = null) {
 		$this->session = $session;
 		$this->logger = $logger;
 		$this->tokenProvider = $tokenProvider;
-		$this->crypto = $crypto;
 
 		Util::connectHook('OC_User', 'post_login', $this, 'authenticate');
 	}
@@ -98,7 +95,11 @@ class Store implements IStore {
 		if ($trySession && $this->session->exists('login_credentials')) {
 			/** @var array $creds */
 			$creds = json_decode($this->session->get('login_credentials'), true);
-			$creds['password'] = $this->crypto->decrypt($creds['password']);
+			try {
+				$creds['password'] = $this->crypto->decrypt($creds['password']);
+			} catch (Exception $e) {
+				//decryption failed, continue with old password as it is
+			}
 			return new Credentials(
 				$creds['uid'],
 				$creds['loginName'] ?? $this->session->get('loginname') ?? $creds['uid'], // Pre 20 didn't have a loginName property, hence fall back to the session value and then to the UID
-- 
cgit v1.2.3