Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[stable17] Handle token insert conflicts #18189

Merged
merged 1 commit into from
Dec 3, 2019
Merged

[stable17] Handle token insert conflicts #18189

merged 1 commit into from
Dec 3, 2019

Conversation

ChristophWurst
Copy link
Member

@ChristophWurst ChristophWurst commented Dec 2, 2019
edited
Loading

Backport of #17939

  • Backport this PR to stable 16
  • Backport this PR to stable 15

@ChristophWurst
Handle token insert conflicts
55b5e13 
Env-based SAML uses the "Apache auth" mechanism to log users in. In this
code path, we first delete all existin auth tokens from the database,
before a new one is inserted. This is problematic for concurrent
requests as they might reach the same code at the same time, hence both
trying to insert a new row wit the same token (the session ID). This
also bubbles up and disables user_saml.

As the token might still be OK (both request will insert the same data),
we can actually just check if the UIDs of the conflict row is the same
as the one we want to insert right now. In that case let's just use the
existing entry and carry on.

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
@ChristophWurst ChristophWurst added this to the Nextcloud 18 milestone Dec 2, 2019
@ChristophWurst ChristophWurst self-assigned this Dec 2, 2019
@ChristophWurst ChristophWurst changed the title Handle token insert conflicts [stable17] Handle token insert conflicts Dec 2, 2019
@gary-kim gary-kim added 4. to release Ready to be released and/or waiting for tests to finish and removed 3. to review Waiting for reviews labels Dec 2, 2019
@rullzer rullzer merged commit d1b0f02 into stable17 Dec 3, 2019
@rullzer rullzer deleted the backport/17939/stable17 branch December 3, 2019 06:49
@ChristophWurst
Copy link
Member Author

/backport to stable16

@ChristophWurst
Copy link
Member Author

/backport to stable15

@rullzer
Copy link
Member

rullzer commented Dec 10, 2019

/backport to stable16

This was referenced Dec 10, 2019
Merged
Merged
@skjnldsv
Copy link
Member

/backport to stable16

@skjnldsv
Copy link
Member

/backport to stable15

@skjnldsv
Copy link
Member

Ah well, we should not need 15 as this is EOL

@backportbot-nextcloud
Copy link

The backport to stable16 failed. Please do this backport manually.

@backportbot-nextcloud
Copy link

The backport to stable15 failed. Please do this backport manually.

@skjnldsv
Copy link
Member

Care to manually backport to stable16 @rullzer :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gary-kim gary-kim gary-kim approved these changes

@rullzer rullzer rullzer approved these changes

@kesselb kesselb Awaiting requested review from kesselb

Assignees

@ChristophWurst ChristophWurst

Labels
4. to release Ready to be released and/or waiting for tests to finish bug feature: authentication
Projects
None yet
Milestone
Nextcloud 18.0.0
Development

Successfully merging this pull request may close these issues.
5 participants
@ChristophWurst @rullzer @skjnldsv @gary-kim @MorrisJobke