Skip to content

Commit

Permalink
Allow SSO authentication to provide a user secret
Browse files Browse the repository at this point in the history
Implementing PR #24837 from immerda

Signed-off-by: MichaIng <[email protected]>
  • Loading branch information
MichaIng committed Jul 13, 2021
1 parent 154fe59 commit 3a066e3
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 2 deletions.
6 changes: 4 additions & 2 deletions lib/private/legacy/OC_User.php
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,9 @@ public static function loginWithApache(\OCP\Authentication\IApacheBackend $backe
$userSession = \OC::$server->getUserSession();
$userSession->setLoginName($uid);
$request = OC::$server->getRequest();
$userSession->createSessionToken($request, $uid, $uid);
$secret = $backend->getCurrentUserSecret();
$userSession->createSessionToken($request, $uid, $uid, $secret);
$pw = $secret === null ? '' : $secret;
// setup the filesystem
OC_Util::setupFS($uid);
// first call the post_login hooks, the login-process needs to be
Expand All @@ -184,7 +186,7 @@ public static function loginWithApache(\OCP\Authentication\IApacheBackend $backe
'post_login',
[
'uid' => $uid,
'password' => '',
'password' => $pw,
'isTokenLogin' => false,
]
);
Expand Down
8 changes: 8 additions & 0 deletions lib/public/Authentication/IApacheBackend.php
Original file line number Diff line number Diff line change
Expand Up @@ -56,4 +56,12 @@ public function getLogoutUrl();
* @since 6.0.0
*/
public function getCurrentUserId();

/**
* Optionally returns a stable per-user secret. This secret is for
* instance used to secure file encryption keys.
* @return string|null
* @since 23.0.0
*/
public function getCurrentUserSecret();
}

0 comments on commit 3a066e3

Please sign in to comment.