Return correct loginname in credentials,

even when token is invalid or has no password. Returning the uid as loginname is wrong, and leads to problems when these differ. E.g. the getapppassword API was creating app token with the uid as loginname. In a scenario with external authentication (such as LDAP), these tokens were then invalidated next time their underlying password was checked, and systematically ceased to function. Signed-off-by: Lionel Elie Mamane <[email protected]>
nextcloud · MorrisJobke · Jul 7, 2020 · Jun 7, 2020 · Jun 7, 2020 · Jun 20, 2020
commit f7f053b101f32efda5059872a4b155aea4d3ea21
diff --git a/lib/private/Authentication/LoginCredentials/Store.php b/lib/private/Authentication/LoginCredentials/Store.php
@@ -109,7 +109,7 @@ public function getLoginCredentials() {
 
 		if ($trySession && $this->session->exists('login_credentials')) {
 			$creds = json_decode($this->session->get('login_credentials'));
-			return new Credentials($creds->uid, $creds->uid, $creds->password);
+			return new Credentials($creds->uid, $this->session->get('loginname'), $creds->password);
 		}
 
 		// If we reach this line, an exception was thrown.