auth check on slave

Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
nextcloud · Nov 23, 2023 · 06a5b02 · 06a5b02
1 parent 6ab5fcc
commit 06a5b02
Showing 1 changed file with 6 additions and 5 deletions.
diff --git a/lib/Controller/SlaveController.php b/lib/Controller/SlaveController.php
@@ -200,17 +200,18 @@ public function createAppToken($jwt) {
 
 		try {
 			list($uid, $password, $options) = $this->decodeJwt($jwt);
-
+			$saml = false;
 			if (is_array($options) && isset($options['backend']) && $options['backend'] === 'saml') {
+				$saml = true;
 				$this->autoprovisionIfNeeded($uid, $options);
 			}
 
 			if ($this->userManager->userExists($uid)) {
-				// if we have a password, we verify it
-				if (!empty($password)) {
-					$result = $this->userSession->login($uid, $password);
+				// if we have a password, we verify it; if not it means we should be using saml.
+				if ($password === '') {
+					$result = $saml;
 				} else {
-					$result = true;
+					$result = $this->userSession->login($uid, $password);
 				}
 				if ($result) {
 					$token = $this->tokenHandler->generateAppToken($uid);