Skip to content

fix: null password handling in entry control logic #453

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
blizzz merged 1 commit into from
Apr 4, 2023
Merged

fix: null password handling in entry control logic #453

blizzz merged 1 commit into from
Apr 4, 2023

Conversation

@st3iny
Copy link
Member

@st3iny st3iny commented Apr 4, 2023
edited
Loading

Fix #448
Fix nextcloud/user_saml#709

BeforeUserLoggedInEvent is allowed to contain no password (string|null). However, the entry control logic fails if the password is null, because it always expects a string.

public function entryControl(string $loginName, string $password) {}

I fixed this by also allowing null for the password. There is only one implementation of the IEntryControl interface in this app and it doesn't even make use of the password param so this should be safe change.

There don't seem to be any other implementations of this interface outside this app (source: GitHub search for IEntryControl).

@st3iny st3iny added this to the Nextcloud 27 milestone Apr 4, 2023
@st3iny st3iny self-assigned this Apr 4, 2023
@st3iny
Copy link
Member Author

st3iny commented Apr 4, 2023

/backport to stable26

@blizzz blizzz merged commit 477e14e into master Apr 4, 2023
@blizzz blizzz deleted the fix/448/handle-null-passwords branch April 4, 2023 09:06
@backportbot-nextcloud backportbot-nextcloud bot mentioned this pull request Apr 4, 2023
Merged
@solracsf
Copy link
Member

solracsf commented Apr 22, 2023

Can this be backported to 25?
nextcloud/user_saml#715

@st3iny
Copy link
Member Author

st3iny commented Apr 23, 2023

/backport to stable25

@backportbot-nextcloud backportbot-nextcloud bot mentioned this pull request Apr 23, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nickvergessen nickvergessen nickvergessen approved these changes

@blizzz blizzz Awaiting requested review from blizzz

@skjnldsv skjnldsv Awaiting requested review from skjnldsv

Assignees

@st3iny st3iny

Labels

3. to review bug regression

Projects

💌 📅 👥 Groupware team
Archived in project

Milestone

Nextcloud 27

5 participants

@st3iny @solracsf @nickvergessen @blizzz