From 4bbc21cb216c51ab22f31089c9c09a3dec8980dc Mon Sep 17 00:00:00 2001 From: Roeland Jago Douma Date: Tue, 29 May 2018 12:18:10 +0200 Subject: [PATCH] SetPassword on PublicKeyTokens Signed-off-by: Roeland Jago Douma --- .../Token/PublicKeyTokenProvider.php | 14 +++++++++++-- .../Token/DefaultTokenProviderTest.php | 10 ++++----- .../Token/PublicKeyTokenProviderTest.php | 21 +++++++++++++------ 3 files changed, 31 insertions(+), 14 deletions(-) diff --git a/lib/private/Authentication/Token/PublicKeyTokenProvider.php b/lib/private/Authentication/Token/PublicKeyTokenProvider.php index 926e3c678d..5c97877e73 100644 --- a/lib/private/Authentication/Token/PublicKeyTokenProvider.php +++ b/lib/private/Authentication/Token/PublicKeyTokenProvider.php @@ -215,9 +215,19 @@ class PublicKeyTokenProvider implements IProvider { } public function setPassword(IToken $token, string $tokenId, string $password) { - // Kill all temp tokens except the current token + if (!($token instanceof PublicKeyToken)) { + throw new InvalidTokenException(); + } - // Update pass for all permanent tokens by rencrypting + // Update the password for all tokens + $tokens = $this->mapper->getTokenByUser($token->getUID()); + foreach ($tokens as $t) { + $publicKey = $token->getPublicKey(); + $t->setPassword($this->encryptPassword($password, $publicKey)); + $this->updateToken($t); + } + + //TODO: should we also do this for temp tokens? } public function rotate(IToken $token, string $oldTokenId, string $newTokenId): IToken { diff --git a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php index 95b5b92855..58e152457f 100644 --- a/tests/lib/Authentication/Token/DefaultTokenProviderTest.php +++ b/tests/lib/Authentication/Token/DefaultTokenProviderTest.php @@ -132,13 +132,12 @@ class DefaultTokenProviderTest extends TestCase { } public function testGetTokenByUser() { - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('getTokenByUser') - ->with($user) + ->with('uid') ->will($this->returnValue(['token'])); - $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser($user)); + $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser('uid')); } public function testGetPassword() { @@ -243,13 +242,12 @@ class DefaultTokenProviderTest extends TestCase { public function testInvaildateTokenById() { $id = 123; - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('deleteById') - ->with($user, $id); + ->with('uid', $id); - $this->tokenProvider->invalidateTokenById($user, $id); + $this->tokenProvider->invalidateTokenById('uid', $id); } public function testInvalidateOldTokens() { diff --git a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php index 4901001db9..d5cfe5d1ee 100644 --- a/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php +++ b/tests/lib/Authentication/Token/PublicKeyTokenProviderTest.php @@ -121,13 +121,12 @@ class PublicKeyTokenProviderTest extends TestCase { } public function testGetTokenByUser() { - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('getTokenByUser') - ->with($user) + ->with('uid') ->will($this->returnValue(['token'])); - $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser($user)); + $this->assertEquals(['token'], $this->tokenProvider->getTokenByUser('uid')); } public function testGetPassword() { @@ -189,7 +188,18 @@ class PublicKeyTokenProviderTest extends TestCase { $actual = $this->tokenProvider->generateToken($token, $uid, $user, $password, $name, $type, IToken::DO_NOT_REMEMBER); + $this->mapper->method('getTokenByUser') + ->with('user') + ->willReturn([$actual]); + $newpass = 'newpass'; + $this->mapper->expects($this->once()) + ->method('update') + ->with($this->callback(function ($token) use ($newpass) { + return $newpass === $this->tokenProvider->getPassword($token, 'token'); + })); + + $this->tokenProvider->setPassword($actual, $token, $newpass); $this->assertSame($newpass, $this->tokenProvider->getPassword($actual, 'token')); @@ -216,13 +226,12 @@ class PublicKeyTokenProviderTest extends TestCase { public function testInvaildateTokenById() { $id = 123; - $user = $this->createMock(IUser::class); $this->mapper->expects($this->once()) ->method('deleteById') - ->with($user, $id); + ->with('uid', $id); - $this->tokenProvider->invalidateTokenById($user, $id); + $this->tokenProvider->invalidateTokenById('uid', $id); } public function testInvalidateOldTokens() {