open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Do not override stored credentials when login in with SAML

Browse Source 
When login in with SAML, the password from `$event->getPassword()` is `null`.

This PR makes sure that this `null` value won't be used to override the stored password even though it is different.

This PR also allow for the password and user to be updated even though they were not set before.

Signed-off-by: Louis Chemineau <louis@chmn.me>
pull/37717/head
Louis Chemineau 3 years ago
parent b3f59aa4c1
commit fec8ad8441
1 changed files with 2 additions and 2 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 4
      apps/files_external/lib/Listener/StorePasswordListener.php

4
apps/files_external/lib/Listener/StorePasswordListener.php vendored
Unescape View File

@ -59,12 +59,12 @@ class StorePasswordListener implements IEventListener {
$newCredentials = $storedCredentials;
$shouldUpdate = false;
if (isset($storedCredentials['password']) && $storedCredentials['password'] !== $event->getPassword()) {
if (($storedCredentials['password'] ?? null) !== $event->getPassword() && $event->getPassword() !== null) {
$shouldUpdate = true;
$newCredentials['password'] = $event->getPassword();
}
if (isset($storedCredentials['user']) && $event instanceof UserLoggedInEvent && $storedCredentials['user'] !== $event->getLoginName()) {
if ($event instanceof UserLoggedInEvent && ($storedCredentials['user'] ?? null) !== $event->getLoginName()) {
$shouldUpdate = true;
$newCredentials['user'] = $event->getLoginName();
}

Write Preview
Loading…
Cancel
Save