Skip to content

Commit 4b563e0

Browse files
st3inyst3iny
authored
Merge pull request nextcloud#49097 from nextcloud/backport/48933/stable29
[stable29] Clear pending two factor tokens also from configuration
2 parents c6216ec + 4d9cc7d commit 4b563e0

File tree

2 files changed

+65
-1
lines changed

2 files changed

+65
-1
lines changed

lib/private/Authentication/TwoFactorAuth/Manager.php

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,6 +31,7 @@
3131
use Exception;
3232
use OC\Authentication\Token\IProvider as TokenProvider;
3333
use OCP\Activity\IManager;
34+
use OCP\AppFramework\Db\DoesNotExistException;
3435
use OCP\AppFramework\Utility\ITimeFactory;
3536
use OCP\Authentication\Exceptions\InvalidTokenException;
3637
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
@@ -385,7 +386,12 @@ public function clearTwoFactorPending(string $userId) {
385386
$tokensNeeding2FA = $this->config->getUserKeys($userId, 'login_token_2fa');
386387

387388
foreach ($tokensNeeding2FA as $tokenId) {
388-
$this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
389+
$this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
390+
391+
try {
392+
$this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
393+
} catch (DoesNotExistException $e) {
394+
}
389395
}
390396
}
391397
}

tests/lib/Authentication/TwoFactorAuth/ManagerTest.php

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,6 +29,7 @@
2929
use OC\Authentication\TwoFactorAuth\ProviderLoader;
3030
use OCP\Activity\IEvent;
3131
use OCP\Activity\IManager;
32+
use OCP\AppFramework\Db\DoesNotExistException;
3233
use OCP\AppFramework\Utility\ITimeFactory;
3334
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
3435
use OCP\Authentication\TwoFactorAuth\IProvider;
@@ -715,4 +716,61 @@ public function testNeedsSecondFactorAppPassword() {
715716

716717
$this->assertFalse($this->manager->needsSecondFactor($user));
717718
}
719+
720+
public function testClearTwoFactorPending() {
721+
$this->config->method('getUserKeys')
722+
->with('theUserId', 'login_token_2fa')
723+
->willReturn([
724+
'42', '43', '44'
725+
]);
726+
727+
$this->config->expects($this->exactly(3))
728+
->method('deleteUserValue')
729+
->withConsecutive(
730+
['theUserId', 'login_token_2fa', '42'],
731+
['theUserId', 'login_token_2fa', '43'],
732+
['theUserId', 'login_token_2fa', '44'],
733+
);
734+
735+
$this->tokenProvider->expects($this->exactly(3))
736+
->method('invalidateTokenById')
737+
->withConsecutive(
738+
['theUserId', 42],
739+
['theUserId', 43],
740+
['theUserId', 44],
741+
);
742+
743+
$this->manager->clearTwoFactorPending('theUserId');
744+
}
745+
746+
public function testClearTwoFactorPendingTokenDoesNotExist() {
747+
$this->config->method('getUserKeys')
748+
->with('theUserId', 'login_token_2fa')
749+
->willReturn([
750+
'42', '43', '44'
751+
]);
752+
753+
$this->config->expects($this->exactly(3))
754+
->method('deleteUserValue')
755+
->withConsecutive(
756+
['theUserId', 'login_token_2fa', '42'],
757+
['theUserId', 'login_token_2fa', '43'],
758+
['theUserId', 'login_token_2fa', '44'],
759+
);
760+
761+
$this->tokenProvider->expects($this->exactly(3))
762+
->method('invalidateTokenById')
763+
->withConsecutive(
764+
['theUserId', 42],
765+
['theUserId', 43],
766+
['theUserId', 44],
767+
)
768+
->willReturnCallback(function ($user, $tokenId) {
769+
if ($tokenId === 43) {
770+
throw new DoesNotExistException('token does not exist');
771+
}
772+
});
773+
774+
$this->manager->clearTwoFactorPending('theUserId');
775+
}
718776
}

0 commit comments

Comments
 (0)