update session token password on user password change
This commit is contained in:
Christoph Wurst
parent
0e575c7eea
commit
b805908dca
|
|
@ -150,6 +150,23 @@ class DefaultTokenProvider implements IProvider {
|
|||
return $this->decryptPassword($password, $tokenId);
|
||||
}
|
||||
|
||||
/**
|
||||
* Encrypt and set the password of the given token
|
||||
*
|
||||
* @param IToken $token
|
||||
* @param string $tokenId
|
||||
* @param string $password
|
||||
* @throws InvalidTokenException
|
||||
*/
|
||||
public function setPassword(IToken $token, $tokenId, $password) {
|
||||
if (!($token instanceof DefaultToken)) {
|
||||
throw new InvalidTokenException();
|
||||
}
|
||||
/** @var DefaultToken $token */
|
||||
$token->setPassword($this->encryptPassword($password, $tokenId));
|
||||
$this->mapper->update($token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Invalidate (delete) the given session token
|
||||
*
|
||||
|
|
|
|||
|
|
@ -99,4 +99,14 @@ interface IProvider {
|
|||
* @return string
|
||||
*/
|
||||
public function getPassword(IToken $token, $tokenId);
|
||||
|
||||
/**
|
||||
* Encrypt and set the password of the given token
|
||||
*
|
||||
* @param IToken $token
|
||||
* @param string $tokenId
|
||||
* @param string $password
|
||||
* @throws InvalidTokenException
|
||||
*/
|
||||
public function setPassword(IToken $token, $tokenId, $password);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -676,4 +676,21 @@ class Session implements IUserSession, Emitter {
|
|||
setcookie('oc_remember_login', '', time() - 3600, OC::$WEBROOT . '/', '', $secureCookie, true);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update password of the browser session token if there is one
|
||||
*
|
||||
* @param string $password
|
||||
*/
|
||||
public function updateSessionTokenPassword($password) {
|
||||
try {
|
||||
$sessionId = $this->session->getId();
|
||||
$token = $this->tokenProvider->getToken($sessionId);
|
||||
$this->tokenProvider->setPassword($token, $sessionId, $password);
|
||||
} catch (SessionNotAvailableException $ex) {
|
||||
// Nothing to do
|
||||
} catch (InvalidTokenException $ex) {
|
||||
// Nothing to do
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -46,6 +46,7 @@ class Controller {
|
|||
exit();
|
||||
}
|
||||
if (!is_null($password) && \OC_User::setPassword($username, $password)) {
|
||||
\OC::$server->getUserSession()->updateSessionTokenPassword($username, $password);
|
||||
\OC_JSON::success();
|
||||
} else {
|
||||
\OC_JSON::error();
|
||||
|
|
|
|||
|
|
@ -175,6 +175,39 @@ class DefaultTokenProviderTest extends TestCase {
|
|||
$tokenProvider->getPassword($tk, $token);
|
||||
}
|
||||
|
||||
public function testSetPassword() {
|
||||
$token = new DefaultToken();
|
||||
$tokenId = 'token123';
|
||||
$password = '123456';
|
||||
|
||||
$this->config->expects($this->once())
|
||||
->method('getSystemValue')
|
||||
->with('secret')
|
||||
->will($this->returnValue('ocsecret'));
|
||||
$this->crypto->expects($this->once())
|
||||
->method('encrypt')
|
||||
->with($password, $tokenId . 'ocsecret')
|
||||
->will($this->returnValue('encryptedpassword'));
|
||||
$this->mapper->expects($this->once())
|
||||
->method('update')
|
||||
->with($token);
|
||||
|
||||
$this->tokenProvider->setPassword($token, $tokenId, $password);
|
||||
|
||||
$this->assertEquals('encryptedpassword', $token->getPassword());
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \OC\Authentication\Exceptions\InvalidTokenException
|
||||
*/
|
||||
public function testSetPasswordInvalidToken() {
|
||||
$token = $this->getMock('\OC\Authentication\Token\IToken');
|
||||
$tokenId = 'token123';
|
||||
$password = '123456';
|
||||
|
||||
$this->tokenProvider->setPassword($token, $tokenId, $password);
|
||||
}
|
||||
|
||||
public function testInvalidateToken() {
|
||||
$this->mapper->expects($this->once())
|
||||
->method('invalidate')
|
||||
|
|
|
|||
|
|
@ -818,4 +818,69 @@ class SessionTest extends \Test\TestCase {
|
|||
$this->invokePrivate($userSession, 'validateSession', [$user]);
|
||||
}
|
||||
|
||||
public function testUpdateSessionTokenPassword() {
|
||||
$userManager = $this->getMock('\OCP\IUserManager');
|
||||
$session = $this->getMock('\OCP\ISession');
|
||||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory');
|
||||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider');
|
||||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config);
|
||||
|
||||
$password = '123456';
|
||||
$sessionId ='session1234';
|
||||
$token = new \OC\Authentication\Token\DefaultToken();
|
||||
|
||||
$session->expects($this->once())
|
||||
->method('getId')
|
||||
->will($this->returnValue($sessionId));
|
||||
$tokenProvider->expects($this->once())
|
||||
->method('getToken')
|
||||
->with($sessionId)
|
||||
->will($this->returnValue($token));
|
||||
$tokenProvider->expects($this->once())
|
||||
->method('setPassword')
|
||||
->with($token, $sessionId, $password);
|
||||
|
||||
$userSession->updateSessionTokenPassword($password);
|
||||
}
|
||||
|
||||
public function testUpdateSessionTokenPasswordNoSessionAvailable() {
|
||||
$userManager = $this->getMock('\OCP\IUserManager');
|
||||
$session = $this->getMock('\OCP\ISession');
|
||||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory');
|
||||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider');
|
||||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config);
|
||||
|
||||
$session->expects($this->once())
|
||||
->method('getId')
|
||||
->will($this->throwException(new \OCP\Session\Exceptions\SessionNotAvailableException()));
|
||||
|
||||
$userSession->updateSessionTokenPassword('1234');
|
||||
}
|
||||
|
||||
public function testUpdateSessionTokenPasswordInvalidTokenException() {
|
||||
$userManager = $this->getMock('\OCP\IUserManager');
|
||||
$session = $this->getMock('\OCP\ISession');
|
||||
$timeFactory = $this->getMock('\OCP\AppFramework\Utility\ITimeFactory');
|
||||
$tokenProvider = $this->getMock('\OC\Authentication\Token\IProvider');
|
||||
$userSession = new \OC\User\Session($userManager, $session, $timeFactory, $tokenProvider, $this->config);
|
||||
|
||||
$password = '123456';
|
||||
$sessionId ='session1234';
|
||||
$token = new \OC\Authentication\Token\DefaultToken();
|
||||
|
||||
$session->expects($this->once())
|
||||
->method('getId')
|
||||
->will($this->returnValue($sessionId));
|
||||
$tokenProvider->expects($this->once())
|
||||
->method('getToken')
|
||||
->with($sessionId)
|
||||
->will($this->returnValue($token));
|
||||
$tokenProvider->expects($this->once())
|
||||
->method('setPassword')
|
||||
->with($token, $sessionId, $password)
|
||||
->will($this->throwException(new \OC\Authentication\Exceptions\InvalidTokenException()));
|
||||
|
||||
$userSession->updateSessionTokenPassword($password);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue