From 6a783d9b085dab0674f7537c9cec219d175f0399 Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Wed, 10 Jul 2024 13:15:20 +0200
Subject: fix(Session): avoid race conditions on clustered setups

- re-stablishes old behaviour with cache to return null instead of throwing
  an InvalidTokenException when the token is cached as non-existing
- token invalidation and re-generation are bundled in a DB transaction now

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 lib/private/Authentication/Token/PublicKeyTokenProvider.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib/private/Authentication')

diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
index 767ece1e551..18b850b9377 100644
--- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php
+++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php
@@ -171,7 +171,7 @@ class PublicKeyTokenProvider implements IProvider {
 	private function getTokenFromCache(string $tokenHash): ?PublicKeyToken {
 		$serializedToken = $this->cache->get($tokenHash);
 		if ($serializedToken === false) {
-			throw new InvalidTokenException('Token does not exist: ' . $tokenHash);
+			return null;
 		}
 
 		if ($serializedToken === null) {
-- 
cgit v1.2.3