Redirect to the right token on public shares

If the token doesn't match (or isn't set) during the redirect. We should
properly set it. Else we might redirect to a later auth display that set
these values.

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
Roeland Jago Douma 2019-05-23 13:42:59 +02:00
parent e38f55d788
commit 96e51b5f6f
No known key found for this signature in database
GPG Key ID: F941078878347C0C
1 changed files with 14 additions and 0 deletions

View File

@ -185,6 +185,20 @@ abstract class AuthPublicShareController extends PublicShareController {
$route = $params['_route'];
unset($params['_route']);
}
// If the token doesn't match the rest of the arguments can't be trusted either
if (isset($params['token']) && $params['token'] !== $this->getToken()) {
$params = [
'token' => $this->getToken(),
];
}
// We need a token
if (!isset($params['token'])) {
$params = [
'token' => $this->getToken(),
];
}
}
return new RedirectResponse($this->urlGenerator->linkToRoute($route, $params));