Merge pull request #22569 from nextcloud/backport/22524/stable19
[stable19] Fix app password updating out of bounds
commit
6117a82ae3
|
@ -613,6 +613,7 @@ return array(
|
||||||
'OC\\Authentication\\Listeners\\RemoteWipeNotificationsListener' => $baseDir . '/lib/private/Authentication/Listeners/RemoteWipeNotificationsListener.php',
|
'OC\\Authentication\\Listeners\\RemoteWipeNotificationsListener' => $baseDir . '/lib/private/Authentication/Listeners/RemoteWipeNotificationsListener.php',
|
||||||
'OC\\Authentication\\Listeners\\UserDeletedStoreCleanupListener' => $baseDir . '/lib/private/Authentication/Listeners/UserDeletedStoreCleanupListener.php',
|
'OC\\Authentication\\Listeners\\UserDeletedStoreCleanupListener' => $baseDir . '/lib/private/Authentication/Listeners/UserDeletedStoreCleanupListener.php',
|
||||||
'OC\\Authentication\\Listeners\\UserDeletedTokenCleanupListener' => $baseDir . '/lib/private/Authentication/Listeners/UserDeletedTokenCleanupListener.php',
|
'OC\\Authentication\\Listeners\\UserDeletedTokenCleanupListener' => $baseDir . '/lib/private/Authentication/Listeners/UserDeletedTokenCleanupListener.php',
|
||||||
|
'OC\\Authentication\\Listeners\\UserLoggedInListener' => $baseDir . '/lib/private/Authentication/Listeners/UserLoggedInListener.php',
|
||||||
'OC\\Authentication\\LoginCredentials\\Credentials' => $baseDir . '/lib/private/Authentication/LoginCredentials/Credentials.php',
|
'OC\\Authentication\\LoginCredentials\\Credentials' => $baseDir . '/lib/private/Authentication/LoginCredentials/Credentials.php',
|
||||||
'OC\\Authentication\\LoginCredentials\\Store' => $baseDir . '/lib/private/Authentication/LoginCredentials/Store.php',
|
'OC\\Authentication\\LoginCredentials\\Store' => $baseDir . '/lib/private/Authentication/LoginCredentials/Store.php',
|
||||||
'OC\\Authentication\\Login\\ALoginCommand' => $baseDir . '/lib/private/Authentication/Login/ALoginCommand.php',
|
'OC\\Authentication\\Login\\ALoginCommand' => $baseDir . '/lib/private/Authentication/Login/ALoginCommand.php',
|
||||||
|
|
|
@ -642,6 +642,7 @@ class ComposerStaticInit53792487c5a8370acc0b06b1a864ff4c
|
||||||
'OC\\Authentication\\Listeners\\RemoteWipeNotificationsListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/RemoteWipeNotificationsListener.php',
|
'OC\\Authentication\\Listeners\\RemoteWipeNotificationsListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/RemoteWipeNotificationsListener.php',
|
||||||
'OC\\Authentication\\Listeners\\UserDeletedStoreCleanupListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserDeletedStoreCleanupListener.php',
|
'OC\\Authentication\\Listeners\\UserDeletedStoreCleanupListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserDeletedStoreCleanupListener.php',
|
||||||
'OC\\Authentication\\Listeners\\UserDeletedTokenCleanupListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserDeletedTokenCleanupListener.php',
|
'OC\\Authentication\\Listeners\\UserDeletedTokenCleanupListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserDeletedTokenCleanupListener.php',
|
||||||
|
'OC\\Authentication\\Listeners\\UserLoggedInListener' => __DIR__ . '/../../..' . '/lib/private/Authentication/Listeners/UserLoggedInListener.php',
|
||||||
'OC\\Authentication\\LoginCredentials\\Credentials' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Credentials.php',
|
'OC\\Authentication\\LoginCredentials\\Credentials' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Credentials.php',
|
||||||
'OC\\Authentication\\LoginCredentials\\Store' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Store.php',
|
'OC\\Authentication\\LoginCredentials\\Store' => __DIR__ . '/../../..' . '/lib/private/Authentication/LoginCredentials/Store.php',
|
||||||
'OC\\Authentication\\Login\\ALoginCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/ALoginCommand.php',
|
'OC\\Authentication\\Login\\ALoginCommand' => __DIR__ . '/../../..' . '/lib/private/Authentication/Login/ALoginCommand.php',
|
||||||
|
|
|
@ -0,0 +1,54 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
declare(strict_types=1);
|
||||||
|
/**
|
||||||
|
* @copyright Copyright (c) 2020, Roeland Jago Douma <roeland@famdouma.nl>
|
||||||
|
*
|
||||||
|
* @author Roeland Jago Douma <roeland@famdouma.nl>
|
||||||
|
*
|
||||||
|
* @license GNU AGPL version 3 or any later version
|
||||||
|
*
|
||||||
|
* This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License as
|
||||||
|
* published by the Free Software Foundation, either version 3 of the
|
||||||
|
* License, or (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
|
||||||
|
namespace OC\Authentication\Listeners;
|
||||||
|
|
||||||
|
use OC\Authentication\Token\Manager;
|
||||||
|
use OCP\EventDispatcher\Event;
|
||||||
|
use OCP\EventDispatcher\IEventListener;
|
||||||
|
use OCP\User\Events\PostLoginEvent;
|
||||||
|
|
||||||
|
class UserLoggedInListener implements IEventListener {
|
||||||
|
|
||||||
|
/** @var Manager */
|
||||||
|
private $manager;
|
||||||
|
|
||||||
|
public function __construct(Manager $manager) {
|
||||||
|
$this->manager = $manager;
|
||||||
|
}
|
||||||
|
|
||||||
|
public function handle(Event $event): void {
|
||||||
|
if (!($event instanceof PostLoginEvent)) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
// If this is already a token login there is nothing to do
|
||||||
|
if ($event->isTokenLogin()) {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
$this->manager->updatePasswords($event->getUser()->getUID(), $event->getPassword());
|
||||||
|
}
|
||||||
|
}
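Review bot: `handle()` passes `$event->getPassword()` straight to `updatePasswords()` without checking that it is non-empty. `PostLoginEvent` is not shown on this page, so this is inferred, but if a backend can complete a login without a password, every stored app-token password for that user would presumably be re-encrypted with an empty string. With the `setPasswordInvalid(false)` change in `PublicKeyTokenProvider`, those tokens would also be marked valid again. An early return next to the token-login check would avoid that: `if ($event->getPassword() === '') { return; }`. The class and `handle()` also carry no docblock; a single line saying that stored token passwords are refreshed after a successful non-token login would record the intent.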
|
|
@ -419,6 +419,7 @@ class PublicKeyTokenProvider implements IProvider {
|
||||||
foreach ($tokens as $t) {
|
foreach ($tokens as $t) {
|
||||||
$publicKey = $t->getPublicKey();
|
$publicKey = $t->getPublicKey();
|
||||||
$t->setPassword($this->encryptPassword($password, $publicKey));
|
$t->setPassword($this->encryptPassword($password, $publicKey));
|
||||||
|
$t->setPasswordInvalid(false);
|
||||||
$this->updateToken($t);
|
$this->updateToken($t);
|
||||||
}
|
}
|
||||||
}
|
}
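Review bot: `$t->setPasswordInvalid(false)` is applied to every token in the loop on the assumption that `$password` has just been verified, but nothing in the hunk states or enforces that precondition. The method is now presumably reachable from the new `UserLoggedInListener` on every non-token login, so a comment above the line would help, e.g. `// $password was verified by the caller, so the stored copy is valid again`. The same requirement belongs in the method's docblock. The enclosing method starts outside the hunk, so any early-return conditions ahead of the loop are not visible here.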
|
||||||
|
|
|
@ -65,6 +65,7 @@ use OC\AppFramework\Utility\SimpleContainer;
|
||||||
use OC\AppFramework\Utility\TimeFactory;
|
use OC\AppFramework\Utility\TimeFactory;
|
||||||
use OC\Authentication\Events\LoginFailed;
|
use OC\Authentication\Events\LoginFailed;
|
||||||
use OC\Authentication\Listeners\LoginFailedListener;
|
use OC\Authentication\Listeners\LoginFailedListener;
|
||||||
|
use OC\Authentication\Listeners\UserLoggedInListener;
|
||||||
use OC\Authentication\LoginCredentials\Store;
|
use OC\Authentication\LoginCredentials\Store;
|
||||||
use OC\Authentication\Token\IProvider;
|
use OC\Authentication\Token\IProvider;
|
||||||
use OC\Avatar\AvatarManager;
|
use OC\Avatar\AvatarManager;
|
||||||
|
@ -221,6 +222,7 @@ use OCP\User\Events\BeforeUserLoggedInEvent;
|
||||||
use OCP\User\Events\BeforeUserLoggedInWithCookieEvent;
|
use OCP\User\Events\BeforeUserLoggedInWithCookieEvent;
|
||||||
use OCP\User\Events\BeforeUserLoggedOutEvent;
|
use OCP\User\Events\BeforeUserLoggedOutEvent;
|
||||||
use OCP\User\Events\PasswordUpdatedEvent;
|
use OCP\User\Events\PasswordUpdatedEvent;
|
||||||
|
use OCP\User\Events\PostLoginEvent;
|
||||||
use OCP\User\Events\UserChangedEvent;
|
use OCP\User\Events\UserChangedEvent;
|
||||||
use OCP\User\Events\UserCreatedEvent;
|
use OCP\User\Events\UserCreatedEvent;
|
||||||
use OCP\User\Events\UserDeletedEvent;
|
use OCP\User\Events\UserDeletedEvent;
|
||||||
|
@ -1429,6 +1431,7 @@ class Server extends ServerContainer implements IServerContainer {
|
||||||
/** @var IEventDispatcher $eventDispatched */
|
/** @var IEventDispatcher $eventDispatched */
|
||||||
$eventDispatched = $this->query(IEventDispatcher::class);
|
$eventDispatched = $this->query(IEventDispatcher::class);
|
||||||
$eventDispatched->addServiceListener(LoginFailed::class, LoginFailedListener::class);
|
$eventDispatched->addServiceListener(LoginFailed::class, LoginFailedListener::class);
|
||||||
|
$eventDispatched->addServiceListener(PostLoginEvent::class, UserLoggedInListener::class);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|