Skip to content

Commit

Permalink
Merge pull request #48385 from nextcloud/backport/48359/stable27
Browse files Browse the repository at this point in the history
[stable27] fix: Use placeholder for external storage password
  • Loading branch information
sorbaugh authored Oct 1, 2024
2 parents f77dd11 + 400d4fa commit 0109d2f
Show file tree
Hide file tree
Showing 2 changed files with 16 additions and 10 deletions.
18 changes: 8 additions & 10 deletions .github/workflows/smb-kerberos.yml
Original file line number Diff line number Diff line change
@@ -1,32 +1,29 @@
name: Samba Kerberos SSO
on:
push:
branches:
- master
- stable*
paths:
- 'apps/files_external/**'
- '.github/workflows/smb-kerberos.yml'
pull_request:
paths:
- 'apps/files_external/**'
- '.github/workflows/smb-kerberos.yml'

concurrency:
group: smb-kerberos-${{ github.head_ref || github.run_id }}
cancel-in-progress: true

jobs:
smb-kerberos-tests:
runs-on: ubuntu-latest
runs-on: ubuntu-22.04

if: ${{ github.repository_owner != 'nextcloud-gmbh' }}

name: smb-kerberos-sso

steps:
- name: Checkout server
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
submodules: true
- name: Checkout user_saml
uses: actions/checkout@v3
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: nextcloud/user_saml
path: apps/user_saml
Expand All @@ -42,6 +39,7 @@ jobs:
- name: Setup AD-DC
run: |
DC_IP=$(apps/files_external/tests/sso-setup/start-dc.sh)
sleep 1
apps/files_external/tests/sso-setup/start-apache.sh $DC_IP $PWD
echo "DC_IP=$DC_IP" >> $GITHUB_ENV
- name: Set up Nextcloud
Expand Down
8 changes: 8 additions & 0 deletions apps/files_external/lib/Lib/Auth/Password/GlobalAuth.php
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@
*/
class GlobalAuth extends AuthMechanism {
public const CREDENTIALS_IDENTIFIER = 'password::global';
private const PWD_PLACEHOLDER = '************************';

/** @var ICredentialsManager */
protected $credentialsManager;
Expand All @@ -59,11 +60,18 @@ public function getAuth($uid) {
'password' => ''
];
} else {
$auth['password'] = self::PWD_PLACEHOLDER;
return $auth;
}
}

public function saveAuth($uid, $user, $password) {
// Use old password if it has not changed.
if ($password === self::PWD_PLACEHOLDER) {
$auth = $this->credentialsManager->retrieve($uid, self::CREDENTIALS_IDENTIFIER);
$password = $auth['password'];
}

$this->credentialsManager->store($uid, self::CREDENTIALS_IDENTIFIER, [
'user' => $user,
'password' => $password
Expand Down

0 comments on commit 0109d2f

Please sign in to comment.