sascha
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #48359 from nextcloud/artonge/feat/compare_hashed_password_when_updating_global_cred_in_files_external 

fix: Use placeholder for external storage password
pull/48349/head
Louis 2024-09-26 14:56:37 +07:00 committed by GitHub
parent 0a568e5b48 20eb464835
commit c45ed55f95
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php
Unescape Escape View File

@ -19,6 +19,7 @@ use OCP\Security\ICredentialsManager;
*/
class GlobalAuth extends AuthMechanism {
public const CREDENTIALS_IDENTIFIER = 'password::global';
private const PWD_PLACEHOLDER = '************************';
/** @var ICredentialsManager */
protected $credentialsManager;
@ -41,11 +42,18 @@ class GlobalAuth extends AuthMechanism {
'password' => ''
];
} else {
$auth['password'] = self::PWD_PLACEHOLDER;
return $auth;
}
}
public function saveAuth($uid, $user, $password) {
// Use old password if it has not changed.
if ($password === self::PWD_PLACEHOLDER) {
$auth = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER);
$password = $auth['password'];
}
$this->credentialsManager->store($uid, self::CREDENTIALS_IDENTIFIER, [
'user' => $user,
'password' => $password