Merge pull request #45809 from nextcloud/fix/noid/fix-new-token-scope-name

[stable29] fix(Token): make new scope future compatible

lib/private/AppFramework/Middleware/Security/PasswordConfirmationMiddleware.php

@@ -103,7 +103,7 @@ class PasswordConfirmationMiddleware extends Middleware {
 				return;
 			}
 			$scope = $token->getScopeAsArray();
-			if (isset($scope['sso-based-login']) && $scope['sso-based-login'] === true) {
+			if (isset($scope['password-unconfirmable']) && $scope['password-unconfirmable'] === true) {
 				// Users logging in from SSO backends cannot confirm their password by design
 				return;
 			}

lib/private/Template/JSConfigHelper.php

@@ -312,6 +312,6 @@ class JSConfigHelper {
 			return true;
 		}
 		$scope = $token->getScopeAsArray();
-		return !isset($scope['sso-based-login']) || $scope['sso-based-login'] === false;
+		return !isset($scope['password-unconfirmable']) || $scope['password-unconfirmable'] === false;
 	}
 }

lib/private/legacy/OC_User.php

@@ -202,7 +202,7 @@ class OC_User {
 				if (empty($password)) {
 					$tokenProvider = \OC::$server->get(IProvider::class);
 					$token = $tokenProvider->getToken($userSession->getSession()->getId());
-					$token->setScope(['sso-based-login' => true]);
+					$token->setScope(['password-unconfirmable' => true]);
 					$tokenProvider->updateToken($token);
 				}
 

tests/lib/AppFramework/Middleware/Security/PasswordConfirmationMiddlewareTest.php

@@ -198,7 +198,7 @@ class PasswordConfirmationMiddlewareTest extends TestCase {
 
 		$token = $this->createMock(IToken::class);
 		$token->method('getScopeAsArray')
-			->willReturn(['sso-based-login' => true]);
+			->willReturn(['password-unconfirmable' => true]);
 		$this->tokenProvider->expects($this->once())
 			->method('getToken')
 			->with($sessionId)