PublicKeyTokenProvider: Fix password update routine with password hash

Open marcelklehr opened this issue 3 years ago • 11 comments

fixes #33757

marcelklehr avatar Sep 05 '22 12:09 marcelklehr

@marcelklehr Do you think this PR could be tested on a production server? We have like 600GiB of WAL every 2 days (for a DB that weighs less than 200GiB), and it puts a real burden on our backup server.

ldidry avatar Sep 12 '22 14:09 ldidry

Let's wait till this is merged @ldidry

marcelklehr avatar Sep 13 '22 11:09 marcelklehr

Ok, thx. :slightly_smiling_face:

ldidry avatar Sep 13 '22 12:09 ldidry

follow up from https://github.com/nextcloud/server/pull/33485

icewind1991 avatar Sep 13 '22 17:09 icewind1991

/rebase

szaimen avatar Dec 01 '22 18:12 szaimen

Cypress failure looks related (500 error on the login)

juliusknorr avatar Dec 02 '22 12:12 juliusknorr

Maybe naive, but couldn't we compare the value of the decrypted password?

We cannot decrypt all tokens of a user to update them as we only got the user password when the update is called, not the actual cipher to decrypt the tokens (e.g. the app passwords).

juliusknorr avatar Dec 19 '22 16:12 juliusknorr

For some reason the migration isn't executed before the cypress tests run. Help is appreciated.

marcelklehr avatar Dec 27 '22 10:12 marcelklehr

> For some reason the migration isn't executed before the cypress tests run. Help is appreciated.

I had the same issue in another PR. Let me see if I can come up with a generic solution.

artonge avatar Dec 27 '22 10:12 artonge

https://github.com/nextcloud/server/pull/35889 should fix the issue.

artonge avatar Dec 27 '22 10:12 artonge

Should be good to merge now

marcelklehr avatar Dec 27 '22 14:12 marcelklehr

Pushed another commit to bump the version and trigger the db upgrade on existing setups.

juliusknorr avatar Jan 03 '23 18:01 juliusknorr

Failure unrelated

juliusknorr avatar Jan 05 '23 07:01 juliusknorr

This basically breaks Talk integration tests. On each login the password column as well as password_hash of oc_authtokens is changed, for all entries, although the user password never changes (admin:admin).

nickvergessen avatar Jan 09 '23 12:01 nickvergessen

/backport to stable25

ChristophWurst avatar Jan 24 '24 15:01 ChristophWurst