From 21e5f6e6d119940bbc78891ca693681abcbde493 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?=
Date: Tue, 26 Aug 2025 14:26:05 +0200
Subject: [PATCH 1/2] fix: Avoid internal error when logging in with the wrong account to verify email address
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Côme Chilliet
---
 .../lib/Controller/VerificationController.php | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/apps/provisioning_api/lib/Controller/VerificationController.php b/apps/provisioning_api/lib/Controller/VerificationController.php
index 70535c4906c10..38f355e05896c 100644
--- a/apps/provisioning_api/lib/Controller/VerificationController.php
+++ b/apps/provisioning_api/lib/Controller/VerificationController.php
@@ -51,11 +51,18 @@ public function __construct(
 #[NoAdminRequired]
 #[NoCSRFRequired]
 public function showVerifyMail(string $token, string $userId, string $key): TemplateResponse {
- if ($this->userSession->getUser()->getUID() !== $userId) {
- // not a public page, hence getUser() must return an IUser
- throw new InvalidArgumentException('Logged in account is not mail address owner');
+ try {
+ if ($this->userSession->getUser()?->getUID() !== $userId) {
+ // not a public page, hence getUser() must return an IUser
+ throw new InvalidArgumentException($this->l10n->t('Logged in account is not mail address owner'));
+ }
+ $email = $this->crypto->decrypt($key);
+ } catch (\Exception $e) {
+ return new TemplateResponse(
+ 'core', 'error', [
+ 'errors' => [['error' => $e->getMessage()]]
+ ], TemplateResponse::RENDER_AS_GUEST);
 }
- $email = $this->crypto->decrypt($key);
 return new TemplateResponse(
 'core', 'confirmation', [
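Review bot: The comment kept inside the new `if` in showVerifyMail, `// not a public page, hence getUser() must return an IUser`, now contradicts the `?->` added on the line above it, which only makes sense if getUser() can return null on this route. Since this check is the authorization gate for the page, the comment should describe what the code actually relies on, for example `// getUser() may be null; null !== $userId then takes the same rejection path`. The body of showVerifyMail continues past the end of this hunk.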
@@ -73,8 +80,8 @@ public function showVerifyMail(string $token, string $userId, string $key): Temp
 public function verifyMail(string $token, string $userId, string $key): TemplateResponse {
 $throttle = false;
 try {
- if ($this->userSession->getUser()->getUID() !== $userId) {
- throw new InvalidArgumentException('Logged in account is not mail address owner');
+ if ($this->userSession->getUser()?->getUID() !== $userId) {
+ throw new InvalidArgumentException($this->l10n->t('Logged in account is not mail address owner'));
 }
 $email = $this->crypto->decrypt($key);
 $ref = \substr(hash('sha256', $email), 0, 8);
From a648715edcac9fb46f4e696ac7fc35c3abe71966 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?=
Date: Tue, 2 Sep 2025 14:36:27 +0200
Subject: [PATCH 2/2] fix: Use HintException instead of InvalidArgumentException
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
To carry translated error messages intended for the end user, HintException is the correct class.
Signed-off-by: Côme Chilliet
---
 .../lib/Controller/VerificationController.php | 25 +++++++++++++------
 1 file changed, 17 insertions(+), 8 deletions(-)
diff --git a/apps/provisioning_api/lib/Controller/VerificationController.php b/apps/provisioning_api/lib/Controller/VerificationController.php
index 38f355e05896c..e89d8f1780c82 100644
--- a/apps/provisioning_api/lib/Controller/VerificationController.php
+++ b/apps/provisioning_api/lib/Controller/VerificationController.php
@@ -9,7 +9,6 @@
 namespace OCA\Provisioning_API\Controller;
-use InvalidArgumentException;
 use OC\Security\Crypto;
 use OCP\Accounts\IAccountManager;
 use OCP\AppFramework\Controller;
@@ -18,6 +17,7 @@
 use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
 use OCP\AppFramework\Http\TemplateResponse;
+use OCP\HintException;
 use OCP\IL10N;
 use OCP\IRequest;
 use OCP\IUserManager;
@@ -54,13 +54,16 @@ public function showVerifyMail(string $token, string $userId, string $key): Temp
 try {
 if ($this->userSession->getUser()?->getUID() !== $userId) {
 // not a public page, hence getUser() must return an IUser
- throw new InvalidArgumentException($this->l10n->t('Logged in account is not mail address owner'));
+ throw new HintException(
+ 'Logged in account is not mail address owner',
+ $this->l10n->t('Logged in account is not mail address owner'),
+ );
 }
 $email = $this->crypto->decrypt($key);
- } catch (\Exception $e) {
+ } catch (HintException $e) {
 return new TemplateResponse(
 'core', 'error', [
- 'errors' => [['error' => $e->getMessage()]]
+ 'errors' => [['error' => $e->getHint()]]
 ], TemplateResponse::RENDER_AS_GUEST);
 }
@@ -81,7 +84,10 @@ public function verifyMail(string $token, string $userId, string $key): Template
 $throttle = false;
 try {
 if ($this->userSession->getUser()?->getUID() !== $userId) {
- throw new InvalidArgumentException($this->l10n->t('Logged in account is not mail address owner'));
+ throw new HintException(
+ 'Logged in account is not mail address owner',
+ $this->l10n->t('Logged in account is not mail address owner'),
+ );
 }
 $email = $this->crypto->decrypt($key);
 $ref = \substr(hash('sha256', $email), 0, 8);
@@ -94,7 +100,10 @@ public function verifyMail(string $token, string $userId, string $key): Template
 ->getPropertyByValue($email);
 if ($emailProperty === null) {
- throw new InvalidArgumentException($this->l10n->t('Email was already removed from account and cannot be confirmed anymore.'));
+ throw new HintException(
+ 'Email was already removed from account and cannot be confirmed anymore.',
+ $this->l10n->t('Email was already removed from account and cannot be confirmed anymore.'),
+ );
 }
 $emailProperty->setLocallyVerified(IAccountManager::VERIFIED);
 $this->accountManager->updateAccount($userAccount);
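Review bot: Narrowing the catch in showVerifyMail to `HintException` leaves `$this->crypto->decrypt($key)` inside the try without a handler for anything else. `$key` is a controller parameter, presumably taken from the verification link, and if decrypt() throws a plain exception on a malformed or tampered value (the generic `catch (\Exception $e)` that verifyMail keeps suggests it can), this page goes back to the internal error that patch 1/2 set out to remove. Keep the HintException branch for the translated hint and add a generic branch after it that renders a fixed translated message instead of the exception text, reusing the string verifyMail already shows. The body of showVerifyMail continues past the end of this hunk.

```php
} catch (HintException $e) {
	// … unchanged: error template built from $e->getHint() …
} catch (\Exception $e) {
	// Do not echo $e->getMessage() here: it is internal, untranslated text.
	return new TemplateResponse(
		'core', 'error', [
			'errors' => [['error' => $this->l10n->t('An unexpected error occurred. Please contact your admin.')]]
		], TemplateResponse::RENDER_AS_GUEST);
}
```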
@@ -106,8 +115,8 @@ public function verifyMail(string $token, string $userId, string $key): Template
 $throttle = true;
 $error = $this->l10n->t('Could not verify mail because the token is invalid.');
 }
- } catch (InvalidArgumentException $e) {
- $error = $e->getMessage();
+ } catch (HintException $e) {
+ $error = $e->getHint();
 } catch (\Exception $e) {
 $error = $this->l10n->t('An unexpected error occurred. Please contact your admin.');
 }