From ca33d6b01caceae4d553aae1b65d7b7dde3d4324 Mon Sep 17 00:00:00 2001
From: Christoph Wurst <christoph@winzerhof-wurst.at>
Date: Wed, 11 Oct 2023 19:59:18 +0200
Subject: fix(session): Log when crypto session data is lost

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
---
 lib/private/Session/CryptoSessionData.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/private/Session/CryptoSessionData.php b/lib/private/Session/CryptoSessionData.php
index 1eb6987fc18..76a214584a6 100644
--- a/lib/private/Session/CryptoSessionData.php
+++ b/lib/private/Session/CryptoSessionData.php
@@ -32,6 +32,7 @@ namespace OC\Session;
 use OCP\ISession;
 use OCP\Security\ICrypto;
 use OCP\Session\Exceptions\SessionNotAvailableException;
+use function OCP\Log\logger;
 
 /**
  * Class CryptoSessionData
@@ -82,9 +83,14 @@ class CryptoSessionData implements \ArrayAccess, ISession {
 		try {
 			$this->sessionValues = json_decode(
 				$this->crypto->decrypt($encryptedSessionData, $this->passphrase),
-				true
+				true,
+				512,
+				JSON_THROW_ON_ERROR,
 			);
 		} catch (\Exception $e) {
+			logger('core')->critical('Could not decrypt or decode encrypted session data', [
+				'exception' => $e,
+			]);
 			$this->sessionValues = [];
 			$this->regenerateId(true, false);
 		}
-- 
cgit v1.2.3