nextcloud · skjnldsv · Sep 14, 2021 · Sep 10, 2021
@@ -172,7 +172,8 @@ public function resetform($token, $userId) {
 	 */
 	protected function checkPasswordResetToken(string $token, string $userId): void {
 		try {
-			$this->verificationToken->check($token, $this->userManager->get($userId), 'lostpassword', '', true);
+			$user = $this->userManager->get($userId);
+			$this->verificationToken->check($token, $user, 'lostpassword', $user ? $user->getEMailAddress() : '', true);
 		} catch (InvalidTokenException $e) {
 			$error = $e->getCode() === InvalidTokenException::TOKEN_EXPIRED
 				? $this->l10n->t('Could not reset password because the token is expired')

@@ -153,7 +153,7 @@ public function testResetFormTokenError() {
 			->willReturn($this->existingUser);
 		$this->verificationToken->expects($this->once())
 			->method('check')
-			->with('12345:MySecretToken', $this->existingUser, 'lostpassword')
+			->with('12345:MySecretToken', $this->existingUser, 'lostpassword', '[email protected]')
 			->willThrowException(new InvalidTokenException(InvalidTokenException::TOKEN_DECRYPTION_ERROR));
 
 		$response = $this->lostController->resetform('12345:MySecretToken', 'ValidTokenUser');
@@ -174,7 +174,7 @@ public function testResetFormValidToken() {
 			->willReturn($this->existingUser);
 		$this->verificationToken->expects($this->once())
 			->method('check')
-			->with('MySecretToken', $this->existingUser, 'lostpassword');
+			->with('MySecretToken', $this->existingUser, 'lostpassword', '[email protected]');
 
 		$response = $this->lostController->resetform('MySecretToken', 'ValidTokenUser');
 		$expectedResponse = new TemplateResponse('core',
@@ -513,6 +513,9 @@ public function testSetPasswordForDisabledUser() {
 			->willReturn(false);
 		$user->expects($this->never())
 			->method('setPassword');
+		$user->expects($this->any())
+			->method('getEMailAddress')
+			->willReturn('[email protected]');
 
 		$this->config->method('getUserValue')
 			->with('ValidTokenUser', 'core', 'lostpassword', null)