Merge pull request #45411 from nextcloud/fix/auth/selective-token-activity-update

fix(auth): Update authtoken activity selectively

lib/private/Authentication/Token/PublicKeyTokenProvider.php

@@ -286,8 +286,6 @@ class PublicKeyTokenProvider implements IProvider {
 		if (!($token instanceof PublicKeyToken)) {
 			throw new InvalidTokenException("Invalid token type");
 		}
-		$now = $this->time->getTime();
-		$token->setLastActivity($now);
 		$this->mapper->update($token);
 		$this->cacheToken($token);
 	}

lib/private/User/Session.php

@@ -11,6 +11,7 @@ use OC\Authentication\Exceptions\PasswordlessTokenException;
 use OC\Authentication\Exceptions\PasswordLoginForbiddenException;
 use OC\Authentication\Token\IProvider;
 use OC\Authentication\Token\IToken;
+use OC\Authentication\Token\PublicKeyToken;
 use OC\Authentication\TwoFactorAuth\Manager as TwoFactorAuthManager;
 use OC\Hooks\Emitter;
 use OC\Hooks\PublicEmitter;
@@ -752,6 +753,9 @@ class Session implements IUserSession, Emitter {
 		}
 
 		$dbToken->setLastCheck($now);
+		if ($dbToken instanceof PublicKeyToken) {
+			$dbToken->setLastActivity($now);
+		}
 		$this->tokenProvider->updateToken($dbToken);
 		return true;
 	}