Merge pull request #31688 from nextcloud/bugfix/31658/automatically-cut-the-token-name-on-first-level

nickvergessen · web-flow · commit c9ea2363b1e5 · 2022-03-24T10:54:40.000+01:00
Automatically cut the token name on the first level
diff --git a/core/Controller/AppPasswordController.php b/core/Controller/AppPasswordController.php
@@ -99,9 +99,6 @@ public function getAppPassword(): DataResponse {
 		}
 
 		$userAgent = $this->request->getHeader('USER_AGENT');
-		if (mb_strlen($userAgent) > 128) {
-			$userAgent = mb_substr($userAgent, 0, 120) . '…';
-		}
 
 		$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
 
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
@@ -322,10 +322,6 @@ public function generateAppPassword($stateToken,
 			$clientName = $client->getName();
 		}
 
-		if (mb_strlen($clientName) > 128) {
-			$clientName = mb_substr($clientName, 0, 120) . '…';
-		}
-
 		$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);
 		$uid = $this->userSession->getUser()->getUID();
 		$generatedToken = $this->tokenProvider->generateToken(
diff --git a/lib/private/Authentication/Token/IProvider.php b/lib/private/Authentication/Token/IProvider.php
@@ -44,7 +44,7 @@ interface IProvider {
 	 * @param string $uid
 	 * @param string $loginName
 	 * @param string|null $password
-	 * @param string $name
+	 * @param string $name Name will be trimmed to 120 chars when longer
 	 * @param int $type token type
 	 * @param int $remember whether the session token should be used for remember-me
 	 * @return IToken
diff --git a/lib/private/Authentication/Token/Manager.php b/lib/private/Authentication/Token/Manager.php
@@ -49,7 +49,7 @@ public function __construct(PublicKeyTokenProvider $publicKeyTokenProvider) {
 	 * @param string $uid
 	 * @param string $loginName
 	 * @param string|null $password
-	 * @param string $name
+	 * @param string $name Name will be trimmed to 120 chars when longer
 	 * @param int $type token type
 	 * @param int $remember whether the session token should be used for remember-me
 	 * @return IToken
@@ -62,7 +62,7 @@ public function generateToken(string $token,
 								  int $type = IToken::TEMPORARY_TOKEN,
 								  int $remember = IToken::DO_NOT_REMEMBER): IToken {
 		if (mb_strlen($name) > 128) {
-			throw new InvalidTokenException('The given name is too long');
+			$name = mb_substr($name, 0, 120) . '…';
 		}
 
 		try {
diff --git a/tests/lib/Authentication/Token/ManagerTest.php b/tests/lib/Authentication/Token/ManagerTest.php
@@ -114,6 +114,37 @@ public function testGenerateConflictingToken() {
 		$this->assertSame($token, $actual);
 	}
 
+	public function testGenerateTokenTooLongName() {
+		$token = $this->createMock(IToken::class);
+		$token->method('getName')
+			->willReturn(str_repeat('a', 120) . '…');
+
+
+		$this->publicKeyTokenProvider->expects($this->once())
+			->method('generateToken')
+			->with(
+				'token',
+				'uid',
+				'loginName',
+				'password',
+				str_repeat('a', 120) . '…',
+				IToken::TEMPORARY_TOKEN,
+				IToken::REMEMBER
+			)->willReturn($token);
+
+		$actual = $this->manager->generateToken(
+			'token',
+			'uid',
+			'loginName',
+			'password',
+			str_repeat('a', 200),
+			IToken::TEMPORARY_TOKEN,
+			IToken::REMEMBER
+		);
+
+		$this->assertSame(121, mb_strlen($actual->getName()));
+	}
+
 	public function tokenData(): array {
 		return [
 			[new PublicKeyToken()],

Original file line number	Diff line number	Diff line change
`@@ -99,9 +99,6 @@ public function getAppPassword(): DataResponse {`
`99`	`99`	`}`
`100`	`100`
`101`	`101`	`$userAgent = $this->request->getHeader('USER_AGENT');`
`102`		`- if (mb_strlen($userAgent) > 128) {`
`103`		`- $userAgent = mb_substr($userAgent, 0, 120) . '…';`
`104`		`- }`
`105`	`102`
`106`	`103`	`$token = $this->random->generate(72, ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_DIGITS);`
`107`	`104`