open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

check the username when doing external storage session auth

Browse Source 
Signed-off-by: Robin Appelman <robin@icewind.nl>
pull/38265/head
Robin Appelman 3 years ago
parent db02684008
commit 2466724b01
No known key found for this signature in database
GPG Key ID: 42B69D8A64526EFB
1 changed files with 5 additions and 0 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 5
      apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php

5
apps/files_external/lib/Lib/Auth/Password/SessionCredentials.php vendored
Unescape View File

@ -30,6 +30,7 @@ use OCA\Files_External\Lib\StorageConfig;
use OCP\Authentication\Exceptions\CredentialsUnavailableException;
use OCP\Authentication\LoginCredentials\IStore as CredentialsStore;
use OCP\Files\Storage;
use OCP\Files\StorageAuthException;
use OCP\IL10N;
use OCP\IUser;
@ -57,6 +58,10 @@ class SessionCredentials extends AuthMechanism {
throw new InsufficientDataForMeaningfulAnswerException('No session credentials saved');
}
if ($credentials->getUID() !== $user->getUID()) {
throw new StorageAuthException('Session credentials for storage owner not available');
}
$storage->setBackendOption('user', $credentials->getLoginName());
$storage->setBackendOption('password', $credentials->getPassword());
}

Write Preview
Loading…
Cancel
Save