From 355b0defe4e51073dcb0e70ab1388118be9c02ed Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Mon, 28 Jan 2019 16:12:06 +0100 Subject: Clean pending 2FA authentication on password reset When a password is reste we should make sure that all users are properly logged in. Pending states should be cleared. For example a session where the 2FA code is not entered yet should be cleared. The token is now removed so the session will be killed the next time this is checked (within 5 minutes). Signed-off-by: Roeland Jago Douma --- tests/Core/Controller/LostControllerTest.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'tests') diff --git a/tests/Core/Controller/LostControllerTest.php b/tests/Core/Controller/LostControllerTest.php index 91b52fc8efa..de8e8cfbcef 100644 --- a/tests/Core/Controller/LostControllerTest.php +++ b/tests/Core/Controller/LostControllerTest.php @@ -21,6 +21,7 @@ namespace Tests\Core\Controller; +use OC\Authentication\TwoFactorAuth\Manager; use OC\Core\Controller\LostController; use OC\Mail\Message; use OCP\AppFramework\Http\JSONResponse; @@ -74,6 +75,8 @@ class LostControllerTest extends \Test\TestCase { private $request; /** @var ICrypto|\PHPUnit_Framework_MockObject_MockObject */ private $crypto; + /** @var Manager|\PHPUnit_Framework_MockObject_MockObject */ + private $twofactorManager; protected function setUp() { parent::setUp(); @@ -124,6 +127,7 @@ class LostControllerTest extends \Test\TestCase { ->method('isEnabled') ->willReturn(true); $this->crypto = $this->createMock(ICrypto::class); + $this->twofactorManager = $this->createMock(Manager::class); $this->lostController = new LostController( 'Core', $this->request, @@ -137,7 +141,8 @@ class LostControllerTest extends \Test\TestCase { $this->encryptionManager, $this->mailer, $this->timeFactory, - $this->crypto + $this->crypto, + $this->twofactorManager ); } -- cgit v1.2.3