Merge pull request #25225 from nextcloud/backport/24600/stable20

[stable20] Update handling of user credentials
Morris Jobke 2021-01-20 14:57:48 +01:00 committed by GitHub
commit 1dcfab0d76
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 24 additions and 4 deletions


@ -79,6 +79,11 @@ class LoginCredentials extends AuthMechanism {
try { try {
$sessionCredentials = $this->credentialsStore->getLoginCredentials(); $sessionCredentials = $this->credentialsStore->getLoginCredentials();
if ($sessionCredentials->getUID() !== $user->getUID()) {
// Can't take the credentials from the session as they are not the same user
throw new CredentialsUnavailableException();
}
$credentials = [ $credentials = [
'user' => $sessionCredentials->getLoginName(), 'user' => $sessionCredentials->getLoginName(),
'password' => $sessionCredentials->getPassword() 'password' => $sessionCredentials->getPassword()
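Review bot: The comment on the new UID check says what is rejected but not why it matters, which makes the guard easy to drop in a later refactor. Without the check, the credentials of whoever owns the current session would be used as `$user`'s credentials even when `$user` is a different account. I would expand the comment to something like `// Session credentials belong to the logged-in user; never use or store them for another UID`. The `catch` that handles `CredentialsUnavailableException` is outside this hunk, so confirm that a mismatch is reported there the same way as missing credentials, and add a test for the mismatched-UID case.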


@ -51,10 +51,14 @@ class StorePasswordListener implements IEventListener {
} }
$stored = $this->credentialsManager->retrieve($event->getUser()->getUID(), LoginCredentials::CREDENTIALS_IDENTIFIER); $stored = $this->credentialsManager->retrieve($event->getUser()->getUID(), LoginCredentials::CREDENTIALS_IDENTIFIER);
$update = isset($stored['password']) && $stored['password'] !== $event->getPassword();
if (!$update && $event instanceof UserLoggedInEvent) {
$update = isset($stored['user']) && $stored['user'] !== $event->getLoginName();
}
if ($stored && $stored['password'] !== $event->getPassword()) { if ($stored && $update) {
$credentials = [ $credentials = [
'user' => $stored['user'], 'user' => $event->getLoginName(),
'password' => $event->getPassword() 'password' => $event->getPassword()
]; ];
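Review bot: `'user' => $event->getLoginName()` is now called for every event that reaches the store branch, yet the `instanceof UserLoggedInEvent` guard added just above implies this listener also receives other event types. If such an event has no `getLoginName()` (presumably a password-change event, whose class is not visible here), a changed password would end in a fatal error instead of refreshing the stored credentials. Keeping the stored name for non-login events avoids that: `'user' => $event instanceof UserLoggedInEvent ? $event->getLoginName() : $stored['user'],`. The enclosing method starts and ends outside the hunk.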


@ -569,7 +569,7 @@ class Server extends ServerContainer implements IServerContainer {
/** @var IEventDispatcher $dispatcher */ /** @var IEventDispatcher $dispatcher */
$dispatcher = $this->query(IEventDispatcher::class); $dispatcher = $this->query(IEventDispatcher::class);
$dispatcher->dispatchTyped(new UserLoggedInEvent($user, $password, $isTokenLogin)); $dispatcher->dispatchTyped(new UserLoggedInEvent($user, $loginName, $password, $isTokenLogin));
}); });
$userSession->listen('\OC\User', 'preRememberedLogin', function ($uid) { $userSession->listen('\OC\User', 'preRememberedLogin', function ($uid) {
/** @var IEventDispatcher $dispatcher */ /** @var IEventDispatcher $dispatcher */


@ -43,14 +43,18 @@ class UserLoggedInEvent extends Event {
/** @var bool */ /** @var bool */
private $isTokenLogin; private $isTokenLogin;
/** @var string */
private $loginName;
/** /**
* @since 18.0.0 * @since 18.0.0
*/ */
public function __construct(IUser $user, string $password, bool $isTokenLogin) { public function __construct(IUser $user, string $loginName, string $password, bool $isTokenLogin) {
parent::__construct(); parent::__construct();
$this->user = $user; $this->user = $user;
$this->password = $password; $this->password = $password;
$this->isTokenLogin = $isTokenLogin; $this->isTokenLogin = $isTokenLogin;
$this->loginName = $loginName;
} }
/** /**
@ -60,6 +64,13 @@ class UserLoggedInEvent extends Event {
return $this->user; return $this->user;
} }
/**
* @since 21.0.0
*/
public function getLoginName(): string {
return $this->loginName;
}
/** /**
* @since 18.0.0 * @since 18.0.0
*/ */
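Review bot: The constructor in the first hunk gains `string $loginName` as a required second parameter, which breaks any caller outside this commit that still uses `new UserLoggedInEvent($user, $password, $isTokenLogin)`. The class is annotated `@since 18.0.0`, so it appears to be public API, and the constructor docblock does not record the change. I would add a line such as `* @since <version> the $loginName parameter was added` there. Separately, `getLoginName()` is tagged `@since 21.0.0` although this is a backport to stable20; confirm which version that annotation should carry on this branch.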