From 50c78a4bf4c2ab4194f40111b8a34b7e9cc17a14 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thomas=20M=C3=BCller?= Date: Fri, 23 Feb 2018 09:57:02 +0100 Subject: [PATCH] Fixing logout for app password scenario --- lib/private/User/BasicAuthModule.php | 9 ++++++++- lib/private/User/Session.php | 2 +- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/private/User/BasicAuthModule.php b/lib/private/User/BasicAuthModule.php index 8e94cc9352cd..6c5a191106e0 100644 --- a/lib/private/User/BasicAuthModule.php +++ b/lib/private/User/BasicAuthModule.php @@ -25,6 +25,7 @@ use OCP\Authentication\IAuthModule; use OCP\IRequest; +use OCP\ISession; use OCP\IUser; use OCP\IUserManager; @@ -32,9 +33,12 @@ class BasicAuthModule implements IAuthModule { /** @var IUserManager */ private $manager; + /** @var ISession */ + private $session; - public function __construct(IUserManager $manager) { + public function __construct(IUserManager $manager, ISession $session) { $this->manager = $manager; + $this->session = $session; } /** @@ -44,6 +48,9 @@ public function auth(IRequest $request) { if (!isset($request->server['PHP_AUTH_USER'], $request->server['PHP_AUTH_PW'])) { return null; } + if ($this->session->exists('app_password')) { + return null; + } $authUser = $request->server['PHP_AUTH_USER']; $authPass = $request->server['PHP_AUTH_PW']; if ($authUser === '' || $authPass === '') { diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php index 2d5046d2efdc..d46fc88a1010 100644 --- a/lib/private/User/Session.php +++ b/lib/private/User/Session.php @@ -925,7 +925,7 @@ public function verifyAuthHeaders($request) { protected function getAuthModules($includeBuiltIn) { if ($includeBuiltIn) { yield new TokenAuthModule($this->session, $this->tokenProvider, $this->manager); - yield new BasicAuthModule($this->manager); + yield new BasicAuthModule($this->manager, $this->session); } $modules = $this->serviceLoader->load(['auth-modules']);