Read encrypted session data again on reopen by juliusknorr · Pull Request #34934 · nextcloud/server

juliusknorr · 2022-11-03T07:40:27Z

This should avoid working with outdated session data after reopening the PHP session

github-actions · 2022-11-03T07:44:46Z

Possible performance regression detected

Show Output

5 queries added

= /remote.php/dav/files/test
= /remote.php/dav/files/test/test.txt
= /remote.php/dav/files/test/many_files
≠ /remote.php/dav/files/test/new_file.txt with 1 queries removed
  - SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)
≠ /remote.php/dav/files/test/new_file.txt with 6 queries added
  + SELECT "path" FROM "oc_filecache" WHERE ("storage" = :dcValue1) AND ("fileid" = :dcValue2)
  + SELECT "path" FROM "oc_filecache" WHERE ("storage" = :dcValue1) AND ("fileid" = :dcValue2)
  + SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)
  + SELECT "path" FROM "oc_filecache" WHERE ("storage" = :dcValue1) AND ("fileid" = :dcValue2)
  + SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)
  + SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)

nickvergessen

Good find.

Together with nextcloud/spreed#8265 that finally solves nextcloud/spreed#4670

nickvergessen · 2022-11-03T08:27:02Z

This actually seems to break the login

github-actions · 2022-11-03T09:03:22Z

Possible performance regression detected

Show Output

5 queries added

= /remote.php/dav/files/test
= /remote.php/dav/files/test/test.txt
= /remote.php/dav/files/test/many_files
≠ /remote.php/dav/files/test/new_file.txt with 1 queries removed
  - SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)
≠ /remote.php/dav/files/test/new_file.txt with 6 queries added
  + SELECT "path" FROM "oc_filecache" WHERE ("storage" = :dcValue1) AND ("fileid" = :dcValue2)
  + SELECT "path" FROM "oc_filecache" WHERE ("storage" = :dcValue1) AND ("fileid" = :dcValue2)
  + SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)
  + SELECT "path" FROM "oc_filecache" WHERE ("storage" = :dcValue1) AND ("fileid" = :dcValue2)
  + SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)
  + SELECT "filecache"."fileid", "storage", "path", "path_hash", "filecache"."parent", "filecache"."name", "mimetype", "mimepart", "size", "mtime", "storage_mtime", "encrypted", "etag", "permissions", "checksum", "unencrypted_size", "metadata_etag", "creation_time", "upload_time" FROM "oc_filecache" "filecache" LEFT JOIN "oc_filecache_extended" "fe" ON "filecache"."fileid" = "fe"."fileid" WHERE ("storage" = :dcValue1) AND ("path_hash" = :dcValue2)

szaimen · 2022-11-03T09:52:58Z

Does this potentially fix #33919?

nickvergessen

Login works again

szaimen · 2022-11-03T11:09:44Z

Does this fix #33919?

Edit: seems like not

Signed-off-by: Julius Härtl <jus@bitgrid.net>

…e removed Signed-off-by: Julius Härtl <jus@bitgrid.net>

juliusknorr · 2022-11-03T12:20:47Z

Tests are passing again, rebased and squashed

juliusknorr · 2022-11-03T12:21:12Z

Does this fix #33919?
Edit: seems like not

Yes, doesn't seem related to that.

juliusknorr · 2022-11-03T12:21:19Z

/backport to stable25

juliusknorr · 2022-11-03T16:26:24Z

Failure unrelated, fix is in #34954

skjnldsv · 2022-11-04T10:41:27Z

This broke viewer.

skjnldsv · 2022-11-04T10:50:10Z

Confirmed, reverting the two commits makes cypress pass again.

juliusknorr · 2022-11-04T12:39:17Z

@skjnldsv Can you reproduce that outside of cypress as well? There it seems to work for me. Will try to run the viewer cypress tests and see if I can reproduce that

juliusknorr · 2022-11-04T13:57:13Z

I can reproduce but only when running the cypress test. Seems somehow the AUTHENTICATED_TO_DAV_BACKENDattribute is preserved in the session from the previous api call to create the user. Will investigate further:

  "cryptSessionData Decrypted: {\"LAST_ACTIVITY\":1667570009,\"requesttoken\":\"y69YQJ4OJ6zWUN2oyFD\\/GXDuPwNVWQGx\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"echitrb1\\\",\\\"loginName\\\":\\\"echitrb1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667570003,\"user_id\":\"echitrb1\",\"loginname\":\"echitrb1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true}}"

juliusknorr · 2022-11-04T14:51:45Z

A few debugging insights:

The cookie is being reused from the previous OCS request to create the user which still has the previous session data contained
The webdav failure is expected in that case as per WebDav should prioritise auth header over cookie owncloud/core#13245
- server/apps/dav/lib/Connector/Sabre/Auth.php
  
  Line 87 in f7be761
  
  public function isDavAuthenticated(string $username): bool {
Options to mitigate
- Clear the session in viewer cypress tests
- Clean the session during login
- Only clean the relevant fields when detecting invalid authentication (e.g. before redirecting to login)
- Only clean the relvant fields after login

I'll need to think a bit about what the best approach there would be.

Session data after login with a different user

{
  "LAST_ACTIVITY": 1667572677,
  "requesttoken": "wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh",
  "checkServer_succeeded": true,
  "login_credentials": {
    "run": true,
    "uid": "rzeketu1",
    "loginName": "rzeketu1",
    "password": "password",
    "isTokenLogin": false
  },
  "AUTHENTICATED_TO_DAV_BACKEND": "admin",
  "last-password-confirm": 1667572674,
  "user_id": "rzeketu1",
  "loginname": "rzeketu1",
  "timezone": "1",
  "token_scope": {
    "filesystem": true
  }
}

Full list of session write calls for a cypress run

cat data/nextcloud.log | grep "set session" | jq "[.url, .message]"
[
  "/ocs/v2.php/apps/notifications/api/v2/notifications",
  "set session {\"LAST_ACTIVITY\":1667572665,\"requesttoken\":\"b\\/moV8eCbs26rgCJAE6YdpOgiXGiz3ZQ\",\"checkServer_succeeded\":true,\"user_id\":\"admin\",\"loginname\":\"admin\",\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"last-password-confirm\":1667567734,\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true},\"two_factor_auth_passed\":\"admin\"}"
]
[
  "/ocs/v1.php/cloud/users?format=json",
  "set session {\"LAST_ACTIVITY\":1667572671}"
]
[
  "/ocs/v1.php/cloud/users?format=json",
  "set session {\"LAST_ACTIVITY\":1667572671,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\"}"
]
[
  "/ocs/v1.php/cloud/users?format=json",
  "set session {\"LAST_ACTIVITY\":1667572671,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true}"
]
[
  "/ocs/v1.php/cloud/users?format=json",
  "set session {\"LAST_ACTIVITY\":1667572671,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"user_id\":\"admin\",\"loginname\":\"admin\",\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572672,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"user_id\":\"admin\",\"loginname\":\"admin\",\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572672,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"loginname\":\"admin\",\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572672,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572672,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572672,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572672,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/login?redirect_url=/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572672,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/login",
  "set session {\"LAST_ACTIVITY\":1667572674,\"requesttoken\":\"rxpY4Im8HA+ETkF5imst7bUHCAEg9\\/7D\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572671}"
]
[
  "/index.php/login",
  "set session {\"LAST_ACTIVITY\":1667572674,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\"}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572676,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\"}"
]
[
  "/index.php/apps/files",
  "set session {\"LAST_ACTIVITY\":1667572676,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true}}"
]
[
  "/index.php/avatar/rzeketu1/64?v=0",
  "set session {\"LAST_ACTIVITY\":1667572677,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true}}"
]
[
  "/ocs/v2.php/search/providers?from=%2Fapps%2Ffiles",
  "set session {\"LAST_ACTIVITY\":1667572678,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true}}"
]
[
  "/ocs/v2.php/apps/notifications/api/v2/notifications",
  "set session {\"LAST_ACTIVITY\":1667572681,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true}}"
]
[
  "/index.php/apps/files_sharing/api/externalShares",
  "set session {\"LAST_ACTIVITY\":1667572682,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true}}"
]
[
  "/remote.php/dav/files/rzeketu1/",
  "set session {\"LAST_ACTIVITY\":1667572682,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true},\"two_factor_auth_passed\":\"rzeketu1\"}"
]
[
  "/index.php/avatar/rzeketu1/64/dark?v=0",
  "set session {\"LAST_ACTIVITY\":1667572683,\"requesttoken\":\"wOirYlodceLJwwObK2nqX\\/LMGiGSoBsh\",\"checkServer_succeeded\":true,\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"rzeketu1\\\",\\\"loginName\\\":\\\"rzeketu1\\\",\\\"password\\\":\\\"password\\\",\\\"isTokenLogin\\\":false}\",\"AUTHENTICATED_TO_DAV_BACKEND\":\"admin\",\"last-password-confirm\":1667572674,\"user_id\":\"rzeketu1\",\"loginname\":\"rzeketu1\",\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true},\"two_factor_auth_passed\":\"rzeketu1\"}"
]
[
  "/ocs/v2.php/apps/notifications/api/v2/notifications",
  "set session {\"LAST_ACTIVITY\":1667572695,\"requesttoken\":\"b\\/moV8eCbs26rgCJAE6YdpOgiXGiz3ZQ\",\"checkServer_succeeded\":true,\"user_id\":\"admin\",\"loginname\":\"admin\",\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"last-password-confirm\":1667567734,\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true},\"two_factor_auth_passed\":\"admin\"}"
]
[
  "/ocs/v2.php/apps/notifications/api/v2/notifications",
  "set session {\"LAST_ACTIVITY\":1667572725,\"requesttoken\":\"b\\/moV8eCbs26rgCJAE6YdpOgiXGiz3ZQ\",\"checkServer_succeeded\":true,\"user_id\":\"admin\",\"loginname\":\"admin\",\"login_credentials\":\"{\\\"run\\\":true,\\\"uid\\\":\\\"admin\\\",\\\"loginName\\\":\\\"admin\\\",\\\"password\\\":\\\"admin\\\",\\\"isTokenLogin\\\":false}\",\"last-password-confirm\":1667567734,\"timezone\":\"1\",\"token_scope\":{\"filesystem\":true},\"two_factor_auth_passed\":\"admin\"}"
]

nickvergessen approved these changes Nov 3, 2022

View reviewed changes

nickvergessen added this to the Nextcloud 26 milestone Nov 3, 2022

nickvergessen added bug 3. to review Waiting for reviews labels Nov 3, 2022

nickvergessen requested review from a team, CarlSchwan, blizzz, danxuliu and icewind1991 and removed request for a team November 3, 2022 07:50

This comment was marked as off-topic.

Sign in to view

nickvergessen approved these changes Nov 3, 2022

View reviewed changes

juliusknorr force-pushed the bugfix/noid/session-reopen-read branch from 4b9a565 to 8de8a01 Compare November 3, 2022 10:18

blizzz approved these changes Nov 3, 2022

View reviewed changes

blizzz added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Nov 3, 2022

CarlSchwan approved these changes Nov 3, 2022

View reviewed changes

juliusknorr added 2 commits November 3, 2022 13:20

Read encrypted session data again on reopen

2ff840b

Signed-off-by: Julius Härtl <jus@bitgrid.net>

Do not remove complete encrypted session key when just a key should b…

c412821

…e removed Signed-off-by: Julius Härtl <jus@bitgrid.net>

juliusknorr force-pushed the bugfix/noid/session-reopen-read branch from 8de8a01 to c412821 Compare November 3, 2022 12:20

backportbot-nextcloud bot added the backport-request label Nov 3, 2022

juliusknorr merged commit 4da550c into master Nov 3, 2022

juliusknorr deleted the bugfix/noid/session-reopen-read branch November 3, 2022 16:26

backportbot-nextcloud bot mentioned this pull request Nov 3, 2022

[stable25] Read encrypted session data again on reopen #34955

Merged

backportbot-nextcloud bot removed the backport-request label Nov 3, 2022

juliusknorr mentioned this pull request Nov 9, 2022

Faster login methods and users methods nextcloud-libraries/nextcloud-e2e-test-server#89

Merged

juliusknorr mentioned this pull request Nov 22, 2022

Remove potential mismatching dav session data during login #35318

Merged

nickvergessen mentioned this pull request Dec 1, 2022

Multiple sessions from different devices broken nextcloud/spreed#8416

Closed

blizzz mentioned this pull request Dec 9, 2022

[Bug]: SAML Logout broken on 25 #35708

Closed

9 tasks

Uh oh!

Comments

Conversation

juliusknorr commented Nov 3, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions bot commented Nov 3, 2022

Uh oh!

nickvergessen left a comment

Choose a reason for hiding this comment

Uh oh!

nickvergessen commented Nov 3, 2022

Uh oh!

This comment was marked as off-topic.

github-actions bot commented Nov 3, 2022

Uh oh!

szaimen commented Nov 3, 2022

Uh oh!

nickvergessen left a comment

Choose a reason for hiding this comment

Uh oh!

szaimen commented Nov 3, 2022 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

juliusknorr commented Nov 3, 2022

Uh oh!

juliusknorr commented Nov 3, 2022

Uh oh!

juliusknorr commented Nov 3, 2022

Uh oh!

juliusknorr commented Nov 3, 2022

Uh oh!

skjnldsv commented Nov 4, 2022

Uh oh!

skjnldsv commented Nov 4, 2022

Uh oh!

juliusknorr commented Nov 4, 2022

Uh oh!

juliusknorr commented Nov 4, 2022

Uh oh!

juliusknorr commented Nov 4, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

juliusknorr commented Nov 3, 2022 •

edited

Loading

szaimen commented Nov 3, 2022 •

edited

Loading