0
0
Fork 0
mirror of https://github.com/nextcloud/server.git synced 2025-02-27 10:06:31 +00:00

fix: Handle exception when clearing previously removed two factor tokens

If a token was already removed from the database but not from the
configuration clearing the tokens will try to remove it again from the
database, which caused a DoesNotExistException to be thrown.

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
This commit is contained in:
Daniel Calviño Sánchez 2024-10-28 10:15:16 +01:00 committed by backportbot[bot]
parent 44ed719027
commit 4d9cc7dd8d
2 changed files with 37 additions and 1 deletions
lib/private/Authentication/TwoFactorAuth
tests/lib/Authentication/TwoFactorAuth

View file

@ -31,6 +31,7 @@ use BadMethodCallException;
use Exception;
use OC\Authentication\Token\IProvider as TokenProvider;
use OCP\Activity\IManager;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\Exceptions\InvalidTokenException;
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
@ -387,7 +388,10 @@ class Manager {
foreach ($tokensNeeding2FA as $tokenId) {
$this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId);
$this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
try {
$this->tokenProvider->invalidateTokenById($userId, (int)$tokenId);
} catch (DoesNotExistException $e) {
}
}
}
}

View file

@ -29,6 +29,7 @@ use OC\Authentication\TwoFactorAuth\MandatoryTwoFactor;
use OC\Authentication\TwoFactorAuth\ProviderLoader;
use OCP\Activity\IEvent;
use OCP\Activity\IManager;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Utility\ITimeFactory;
use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin;
use OCP\Authentication\TwoFactorAuth\IProvider;
@ -741,4 +742,35 @@ class ManagerTest extends TestCase {
$this->manager->clearTwoFactorPending('theUserId');
}
public function testClearTwoFactorPendingTokenDoesNotExist() {
$this->config->method('getUserKeys')
->with('theUserId', 'login_token_2fa')
->willReturn([
'42', '43', '44'
]);
$this->config->expects($this->exactly(3))
->method('deleteUserValue')
->withConsecutive(
['theUserId', 'login_token_2fa', '42'],
['theUserId', 'login_token_2fa', '43'],
['theUserId', 'login_token_2fa', '44'],
);
$this->tokenProvider->expects($this->exactly(3))
->method('invalidateTokenById')
->withConsecutive(
['theUserId', 42],
['theUserId', 43],
['theUserId', 44],
)
->willReturnCallback(function ($user, $tokenId) {
if ($tokenId === 43) {
throw new DoesNotExistException('token does not exist');
}
});
$this->manager->clearTwoFactorPending('theUserId');
}
}