fix: Do not build encrypted password if there is none

Signed-off-by: Julius Knorr <jus@bitgrid.net>
10 months ago · 777cd941dc
parent 373107b6e4
commit 777cd941dc
2 changed files with 49 additions and 5 deletions
--- a/lib/private/Authentication/LoginCredentials/Store.php
+++ b/lib/private/Authentication/LoginCredentials/Store.php
@ -50,7 +50,9 @@ class Store implements IStore {
 	 * @param array $params
 	 */
 	public function authenticate(array $params) {
-		$params['password'] = $this->crypto->encrypt((string)$params['password']);
+		if ($params['password'] !== null) {
+			$params['password'] = $this->crypto->encrypt((string)$params['password']);
+		}
 		$this->session->set('login_credentials', json_encode($params));
 	}

@ -97,10 +99,12 @@ class Store implements IStore {
 		if ($trySession && $this->session->exists('login_credentials')) {
 			/** @var array $creds */
 			$creds = json_decode($this->session->get('login_credentials'), true);
-			try {
-				$creds['password'] = $this->crypto->decrypt($creds['password']);
-			} catch (Exception $e) {
-				//decryption failed, continue with old password as it is
+			if ($creds['password'] !== null) {
+				try {
+					$creds['password'] = $this->crypto->decrypt($creds['password']);
+				} catch (Exception $e) {
+					//decryption failed, continue with old password as it is
+				}
 			}
 			return new Credentials(
 				$creds['uid'],
--- a/tests/lib/Authentication/LoginCredentials/StoreTest.php
+++ b/tests/lib/Authentication/LoginCredentials/StoreTest.php
@ -253,4 +253,44 @@ class StoreTest extends TestCase {

 		$this->store->getLoginCredentials();
 	}
+
+	public function testAuthenticatePasswordlessToken(): void {
+		$user = 'user987';
+		$password = null;
+
+		$params = [
+			'run' => true,
+			'loginName' => $user,
+			'uid' => $user,
+			'password' => $password,
+		];
+
+		$this->session->expects($this->once())
+			->method('set')
+			->with($this->equalTo('login_credentials'), $this->equalTo(json_encode($params)));
+
+
+		$this->session->expects($this->once())
+			->method('getId')
+			->willReturn('sess2233');
+		$this->tokenProvider->expects($this->once())
+			->method('getToken')
+			->with('sess2233')
+			->will($this->throwException(new PasswordlessTokenException()));
+
+		$this->session->expects($this->once())
+			->method('exists')
+			->with($this->equalTo('login_credentials'))
+			->willReturn(true);
+		$this->session->expects($this->once())
+			->method('get')
+			->with($this->equalTo('login_credentials'))
+			->willReturn(json_encode($params));
+
+		$this->store->authenticate($params);
+		$actual = $this->store->getLoginCredentials();
+
+		$expected = new Credentials($user, $user, $password);
+		$this->assertEquals($expected, $actual);
+	}
 }