From 5ea5b2de84fe21da0b3140d1df06f5098aa389a5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Calvi=C3=B1o=20S=C3=A1nchez?= Date: Mon, 28 Oct 2024 10:15:16 +0100 Subject: [PATCH] fix: Handle exception when clearing previously removed two factor tokens MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If a token was already removed from the database but not from the configuration clearing the tokens will try to remove it again from the database, which caused a DoesNotExistException to be thrown. Signed-off-by: Daniel Calviño Sánchez --- .../Authentication/TwoFactorAuth/Manager.php | 6 +++- .../TwoFactorAuth/ManagerTest.php | 32 +++++++++++++++++++ 2 files changed, 37 insertions(+), 1 deletion(-) diff --git a/lib/private/Authentication/TwoFactorAuth/Manager.php b/lib/private/Authentication/TwoFactorAuth/Manager.php index 74a19ebc71844..1b22300e31712 100644 --- a/lib/private/Authentication/TwoFactorAuth/Manager.php +++ b/lib/private/Authentication/TwoFactorAuth/Manager.php @@ -12,6 +12,7 @@ use Exception; use OC\Authentication\Token\IProvider as TokenProvider; use OCP\Activity\IManager; +use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Utility\ITimeFactory; use OCP\Authentication\Exceptions\InvalidTokenException; use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin; @@ -368,7 +369,10 @@ public function clearTwoFactorPending(string $userId) { foreach ($tokensNeeding2FA as $tokenId) { $this->config->deleteUserValue($userId, 'login_token_2fa', $tokenId); - $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId); + try { + $this->tokenProvider->invalidateTokenById($userId, (int)$tokenId); + } catch (DoesNotExistException $e) { + } } } } diff --git a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php index de761aa6dc261..52792c29ed0a2 100644 --- a/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php +++ b/tests/lib/Authentication/TwoFactorAuth/ManagerTest.php @@ -15,6 +15,7 @@ use OC\Authentication\TwoFactorAuth\ProviderLoader; use OCP\Activity\IEvent; use OCP\Activity\IManager; +use OCP\AppFramework\Db\DoesNotExistException; use OCP\AppFramework\Utility\ITimeFactory; use OCP\Authentication\TwoFactorAuth\IActivatableAtLogin; use OCP\Authentication\TwoFactorAuth\IProvider; @@ -727,4 +728,35 @@ public function testClearTwoFactorPending() { $this->manager->clearTwoFactorPending('theUserId'); } + + public function testClearTwoFactorPendingTokenDoesNotExist() { + $this->config->method('getUserKeys') + ->with('theUserId', 'login_token_2fa') + ->willReturn([ + '42', '43', '44' + ]); + + $this->config->expects($this->exactly(3)) + ->method('deleteUserValue') + ->withConsecutive( + ['theUserId', 'login_token_2fa', '42'], + ['theUserId', 'login_token_2fa', '43'], + ['theUserId', 'login_token_2fa', '44'], + ); + + $this->tokenProvider->expects($this->exactly(3)) + ->method('invalidateTokenById') + ->withConsecutive( + ['theUserId', 42], + ['theUserId', 43], + ['theUserId', 44], + ) + ->willReturnCallback(function ($user, $tokenId) { + if ($tokenId === 43) { + throw new DoesNotExistException('token does not exist'); + } + }); + + $this->manager->clearTwoFactorPending('theUserId'); + } }