Merge pull request #26572 from nextcloud/bugfix/noid/throw-401-when-authentication-is-provided-and-invalid

Throw "401 Unauthenticated" when authentication is provided but invalid
Joas Schilling 2021-04-27 14:37:28 +02:00 committed by GitHub
commit c52a026f55
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 16 additions and 6 deletions


@ -138,7 +138,13 @@ class RemoteContext implements Context {
* @param string $value * @param string $value
*/ */
public function hasCapability($key, $value) { public function hasCapability($key, $value) {
$capabilities = $this->getApiClient()->getCapabilities(); try {
$capabilities = $this->getApiClient()->getCapabilities();
} catch (\Exception $e) {
Assert::assertInstanceOf($value, $e);
$this->lastException = $e;
return;
}
$current = $capabilities; $current = $capabilities;
$parts = explode('.', $key); $parts = explode('.', $key);
foreach ($parts as $part) { foreach ($parts as $part) {
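Review bot: In the new `catch (\Exception $e)` branch of `hasCapability()`, `$value` is handed to `Assert::assertInstanceOf()` as a class name, so the step's second argument now means either an expected capability value or an expected exception class, while the docblock still reads only `@param string $value`. A scenario that expects a plain value such as "Nextcloud" and hits an unrelated transport or server error will most likely fail inside `assertInstanceOf` on a non-class argument, which hides the original exception. Because `$this->lastException = $e;` comes after the assertion, a failed assertion also leaves it unset for the later "the request should throw" step; moving that assignment above the assert keeps the original error available. I would also extend the docblock to `@param string $value Expected capability value, or the expected exception class when the request fails`. The rest of the method body lies outside this hunk.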


@ -34,4 +34,5 @@ Feature: remote
Given using remote server "REMOTE" Given using remote server "REMOTE"
And user "user0" exists And user "user0" exists
And using credentials "user0", "invalid" And using credentials "user0", "invalid"
Then the capability "theming.name" is "Nextcloud" Then the capability "theming.name" is "OC\ForbiddenException"
Then the request should throw a "OC\ForbiddenException"


@ -599,6 +599,8 @@ class Session implements IUserSession, Emitter {
return true; return true;
} }
// If credentials were provided, they need to be valid, otherwise we do boom
throw new LoginException();
} catch (PasswordLoginForbiddenException $ex) { } catch (PasswordLoginForbiddenException $ex) {
// Nothing to do // Nothing to do
} }
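Review bot: The added `throw new LoginException();` carries no message, and the comment above it ("otherwise we do boom") does not say what a caller should expect, so a rejected login attempt will be hard to tell apart from other login failures in logs and exception handlers. Assuming `LoginException` keeps the standard exception constructor, I would write `throw new LoginException('Provided credentials are invalid');` (without echoing the user name or password) and reword the comment to `// Credentials were supplied but rejected: fail the request instead of continuing unauthenticated`. The method now throws where it previously appears to have fallen through, so its docblock, which is outside this hunk, should gain `@throws LoginException`. The adjacent `catch (PasswordLoginForbiddenException $ex)` still swallows its case with "Nothing to do", which looks like supplied-but-refused credentials continuing as an unauthenticated request; it is worth confirming that this is intended given the commit title.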


@ -32,15 +32,16 @@ use OC\AppFramework\Bootstrap\ServiceRegistration;
use OC\Authentication\TwoFactorAuth\ProviderLoader; use OC\Authentication\TwoFactorAuth\ProviderLoader;
use OCP\App\IAppManager; use OCP\App\IAppManager;
use OCP\Authentication\TwoFactorAuth\IProvider; use OCP\Authentication\TwoFactorAuth\IProvider;
use OCP\IUser;
use PHPUnit\Framework\MockObject\MockObject; use PHPUnit\Framework\MockObject\MockObject;
use Test\TestCase; use Test\TestCase;
class ProviderLoaderTest extends TestCase { class ProviderLoaderTest extends TestCase {
/** @var IAppManager|\PHPUnit\Framework\MockObject\MockObject */ /** @var IAppManager|MockObject */
private $appManager; private $appManager;
/** @var \OCP\IUser|\PHPUnit\Framework\MockObject\MockObject */ /** @var IUser|MockObject */
private $user; private $user;
/** @var RegistrationContext|MockObject */ /** @var RegistrationContext|MockObject */
@ -53,7 +54,7 @@ class ProviderLoaderTest extends TestCase {
parent::setUp(); parent::setUp();
$this->appManager = $this->createMock(IAppManager::class); $this->appManager = $this->createMock(IAppManager::class);
$this->user = $this->createMock(\OCP\IUser::class); $this->user = $this->createMock(IUser::class);
$this->registrationContext = $this->createMock(RegistrationContext::class); $this->registrationContext = $this->createMock(RegistrationContext::class);
$coordinator = $this->createMock(Coordinator::class); $coordinator = $this->createMock(Coordinator::class);
@ -123,7 +124,7 @@ class ProviderLoaderTest extends TestCase {
->with($this->user) ->with($this->user)
->willReturn([]); ->willReturn([]);
$this->registrationContext->method('getTwoFactorProvider') $this->registrationContext->method('getTwoFactorProviders')
->willReturn([ ->willReturn([
new ServiceRegistration('twofactor_test', '\\OCA\\TwoFactorTest\\Provider') new ServiceRegistration('twofactor_test', '\\OCA\\TwoFactorTest\\Provider')
]); ]);