From 13e29c7e2fb14b6e1512028145670ce6df03b134 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julius=20H=C3=A4rtl?=
Date: Thu, 17 Aug 2023 14:35:23 +0200
Subject: [PATCH] fix: Disable password confirmation for SSO
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Julius Härtl
---
 lib/Controller/Id4meController.php | 3 +++
 lib/Controller/LoginController.php | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/lib/Controller/Id4meController.php b/lib/Controller/Id4meController.php
index c39bf4b9..119db856 100644
--- a/lib/Controller/Id4meController.php
+++ b/lib/Controller/Id4meController.php
@@ -295,6 +295,9 @@ public function code(string $state = '', string $code = '', string $scope = '')
 $this->userSession->completeLogin($user, ['loginName' => $user->getUID(), 'password' => '']);
 $this->userSession->createSessionToken($this->request, $user->getUID(), $user->getUID());
+ // Set last password confirm to the future as we don't have passwords to confirm against with SSO
+ $this->session->set('last-password-confirm', strtotime('+4 year', time()));
+
 return new RedirectResponse(\OC_Util::getDefaultPageUrl());
 }
 }
diff --git a/lib/Controller/LoginController.php b/lib/Controller/LoginController.php
index 290691c0..4b98ceb3 100644
--- a/lib/Controller/LoginController.php
+++ b/lib/Controller/LoginController.php
@@ -502,6 +502,9 @@ public function code(string $state = '', string $code = '', string $scope = '',
 $this->userSession->createSessionToken($this->request, $user->getUID(), $user->getUID());
 $this->userSession->createRememberMeToken($user);
+ // Set last password confirm to the future as we don't have passwords to confirm against with SSO
+ $this->session->set('last-password-confirm', strtotime('+4 year', time()));
+
 // for backchannel logout
 try {
 $authToken = $this->authTokenProvider->getToken($this->session->getId());
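Review bot: The added `$this->session->set('last-password-confirm', strtotime('+4 year', time()));` before the redirect in `Id4meController::code()` switches the password-confirmation step-up off for the whole session instead of replacing it, so whatever the server guards with that prompt is afterwards covered by the session alone; the same line is added in the `LoginController::code()` hunk, directly after `createRememberMeToken()`. The comment should state that trade-off and the reason for the horizon, for example `// SSO users have no local password: this disables the password-confirmation step-up for this session; +4 years is an arbitrary "never" value`. The session key and the offset are now duplicated as literals in two controllers, so one shared constant or private helper would keep them from drifting, and `strtotime('+4 year')` already defaults to the current time. If a step-up is still wanted for SSO users, re-authentication at the identity provider (OIDC `prompt=login` or `max_age`) would be the equivalent control, which this patch does not attempt. Both `code()` bodies start outside the hunks, so whether an SSO user can also hold a local password, or whether a session restored from the remember-me token gets this value again, cannot be confirmed from here.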