From 47bd75a052cd79ce43a1ffcf1e816661a8bb087f Mon Sep 17 00:00:00 2001 From: Louis Chemineau Date: Thu, 27 Feb 2025 13:12:55 +0100 Subject: [PATCH 1/2] fix(login): Also check legacy annotation for ephemeral sessions Signed-off-by: Louis Chemineau --- .../AppFramework/DependencyInjection/DIContainer.php | 7 +------ .../Middleware/FlowV2EphemeralSessionsMiddleware.php | 6 ++++++ 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/lib/private/AppFramework/DependencyInjection/DIContainer.php b/lib/private/AppFramework/DependencyInjection/DIContainer.php index e1a2fefc55ab8..b6e2df4ce7b49 100644 --- a/lib/private/AppFramework/DependencyInjection/DIContainer.php +++ b/lib/private/AppFramework/DependencyInjection/DIContainer.php @@ -217,12 +217,7 @@ public function __construct(string $appName, array $urlParams = [], ?ServerConta ) ); - $dispatcher->registerMiddleware( - new FlowV2EphemeralSessionsMiddleware( - $c->get(ISession::class), - $c->get(IUserSession::class), - ) - ); + $dispatcher->registerMiddleware($c->get(FlowV2EphemeralSessionsMiddleware::class)); $securityMiddleware = new SecurityMiddleware( $c->get(IRequest::class), diff --git a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php index b3e406adf22fc..461a8f9188402 100644 --- a/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php +++ b/lib/private/AppFramework/Middleware/FlowV2EphemeralSessionsMiddleware.php @@ -7,6 +7,7 @@ */ namespace OC\AppFramework\Middleware; +use OC\AppFramework\Utility\ControllerMethodReflector; use OC\Core\Controller\ClientFlowLoginV2Controller; use OCP\AppFramework\Controller; use OCP\AppFramework\Middleware; @@ -20,6 +21,7 @@ class FlowV2EphemeralSessionsMiddleware extends Middleware { public function __construct( private ISession $session, private IUserSession $userSession, + private ControllerMethodReflector $reflector, ) { } @@ -40,6 +42,10 @@ public function beforeController(Controller $controller, string $methodName) { return; } + if ($this->reflector->hasAnnotation('PublicPage')) { + return; + } + $this->userSession->logout(); $this->session->close(); } From 68f86b3066e1c1070a32aba97a51096188a432aa Mon Sep 17 00:00:00 2001 From: Louis Chemineau Date: Thu, 27 Feb 2025 13:13:26 +0100 Subject: [PATCH 2/2] fix(login): Support subfolder install for ephemeral sessions Signed-off-by: Louis Chemineau --- .../Authentication/Login/FlowV2EphemeralSessionsCommand.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php b/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php index b215df1523f48..82dd829334d9d 100644 --- a/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php +++ b/lib/private/Authentication/Login/FlowV2EphemeralSessionsCommand.php @@ -10,15 +10,18 @@ use OC\Core\Controller\ClientFlowLoginV2Controller; use OCP\ISession; +use OCP\IURLGenerator; class FlowV2EphemeralSessionsCommand extends ALoginCommand { public function __construct( private ISession $session, + private IURLGenerator $urlGenerator, ) { } public function process(LoginData $loginData): LoginResult { - if (str_starts_with($loginData->getRedirectUrl() ?? '', '/login/v2/grant')) { + $loginV2GrantRoute = $this->urlGenerator->linkToRoute('core.ClientFlowLoginV2.grantPage'); + if (str_starts_with($loginData->getRedirectUrl() ?? '', $loginV2GrantRoute)) { $this->session->set(ClientFlowLoginV2Controller::EPHEMERAL_NAME, true); }