Skip to content

Commit 37dbe82

Browse files
skjnldsvskjnldsv
authored
Fix updating and deleting authtokens (#17397)
Fix updating and deleting authtokens
2 parents 79c59fb + 9aa992e commit 37dbe82

File tree

2 files changed

+51
-2
lines changed

2 files changed

+51
-2
lines changed

apps/settings/lib/Controller/AuthSettingsController.php

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@
2929

3030
use BadMethodCallException;
3131
use OC\Authentication\Exceptions\InvalidTokenException;
32+
use OC\Authentication\Exceptions\ExpiredTokenException;
3233
use OC\Authentication\Exceptions\PasswordlessTokenException;
3334
use OC\Authentication\Exceptions\WipeTokenException;
3435
use OC\Authentication\Token\INamedToken;
@@ -259,10 +260,13 @@ private function publishActivity(string $subject, int $id, array $parameters = [
259260
* @param int $id
260261
* @return IToken
261262
* @throws InvalidTokenException
262-
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
263263
*/
264264
private function findTokenByIdAndUser(int $id): IToken {
265-
$token = $this->tokenProvider->getTokenById($id);
265+
try {
266+
$token = $this->tokenProvider->getTokenById($id);
267+
} catch (ExpiredTokenException $e) {
268+
$token = $e->getToken();
269+
}
266270
if ($token->getUID() !== $this->uid) {
267271
throw new InvalidTokenException('This token does not belong to you!');
268272
}

apps/settings/tests/Controller/AuthSettingsControllerTest.php

Lines changed: 45 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -23,6 +23,7 @@
2323

2424
use OC\AppFramework\Http;
2525
use OC\Authentication\Exceptions\InvalidTokenException;
26+
use OC\Authentication\Exceptions\ExpiredTokenException;
2627
use OC\Authentication\Token\DefaultToken;
2728
use OC\Authentication\Token\IProvider;
2829
use OC\Authentication\Token\IToken;
@@ -188,6 +189,30 @@ public function testDestroy() {
188189
$this->assertEquals([], $this->controller->destroy($tokenId));
189190
}
190191

192+
public function testDestroyExpired() {
193+
$tokenId = 124;
194+
$token = $this->createMock(DefaultToken::class);
195+
196+
$token->expects($this->exactly(2))
197+
->method('getId')
198+
->willReturn($tokenId);
199+
200+
$token->expects($this->once())
201+
->method('getUID')
202+
->willReturn($this->uid);
203+
204+
$this->tokenProvider->expects($this->once())
205+
->method('getTokenById')
206+
->with($this->equalTo($tokenId))
207+
->willThrowException(new ExpiredTokenException($token));
208+
209+
$this->tokenProvider->expects($this->once())
210+
->method('invalidateTokenById')
211+
->with($this->uid, $tokenId);
212+
213+
$this->assertSame([], $this->controller->destroy($tokenId));
214+
}
215+
191216
public function testDestroyWrongUser() {
192217
$tokenId = 124;
193218
$token = $this->createMock(DefaultToken::class);
@@ -320,6 +345,26 @@ public function testUpdateNoChange(): void {
320345
$this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
321346
}
322347

348+
public function testUpdateExpired() {
349+
$tokenId = 42;
350+
$token = $this->createMock(DefaultToken::class);
351+
352+
$token->expects($this->once())
353+
->method('getUID')
354+
->willReturn($this->uid);
355+
356+
$this->tokenProvider->expects($this->once())
357+
->method('getTokenById')
358+
->with($this->equalTo($tokenId))
359+
->willThrowException(new ExpiredTokenException($token));
360+
361+
$this->tokenProvider->expects($this->once())
362+
->method('updateToken')
363+
->with($this->equalTo($token));
364+
365+
$this->assertSame([], $this->controller->update($tokenId, ['filesystem' => true], 'App password'));
366+
}
367+
323368
public function testUpdateTokenWrongUser() {
324369
$tokenId = 42;
325370
$token = $this->createMock(DefaultToken::class);

0 commit comments

Comments
 (0)