wikimedia/mediawiki-extensions-OATHAuth
1
0
Fork 0
mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/OATHAuth synced 2024-11-24 00:05:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix removing scratch tokens

Browse source 
Due to using unset(), array keys would be preserved, and therefore, for loop would crash.
Now using array_splice, but had to "reset" the values on construct to fix currently broken
arrays.

Bug: T244308
Change-Id: I6f3dd3df95d5a071b92aa7693ed7ae3fddf35a9d
This commit is contained in:
Dejan Savuljesku 2020-02-05 10:46:58 +01:00
parent d9cf0c6c46
commit c943f75cee
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/Key/TOTPKey.php
View file

@ -110,7 +110,7 @@ class TOTPKey implements IAuthKey {
'period' => 30,
'algorithm' => 'SHA1',
];
$this->scratchTokens = $scratchTokens;
$this->scratchTokens = array_values( $scratchTokens );
}
/**
@ -187,7 +187,7 @@ class TOTPKey implements IAuthKey {
for ( $i = 0; $i < $length; $i++ ) {
if ( $token === $this->scratchTokens[$i] ) {
// If there is a scratch token, remove it from the scratch token list
unset( $this->scratchTokens[$i] );
array_splice( $this->scratchTokens, $i, 1 );
$logger->info( 'OATHAuth user {user} used a scratch token from {clientip}', [
'user' => $user->getAccount(),