mirror of
https://github.com/nextcloud/desktop.git
synced 2024-10-24 21:35:47 +03:00
Fix remote wipe keychain storage (issue #1592)
The app password for the remote wipe was constantly being written in WebFlowCredentials::slotFinished to the keychain, leading to unnecessary write and log overhead on the system. This fix introduces a check to only store the app password once in a lifetime of the Account class. Also the method used to store the password will be renamed from setAppPassword to writeAppPasswordOnce to be more expressive. Signed-off-by: Michael Schuster <michael@schuster.ms>
This commit is contained in:
parent
8ae18d9935
commit
dcc84d3508
3 changed files with 12 additions and 4 deletions
|
@ -420,7 +420,7 @@ void WebFlowCredentials::slotFinished(QNetworkReply *reply) {
|
|||
_credentialsValid = true;
|
||||
|
||||
/// Used later for remote wipe
|
||||
_account->setAppPassword(_password);
|
||||
_account->writeAppPasswordOnce(_password);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -513,7 +513,10 @@ void Account::setNonShib(bool nonShib)
|
|||
}
|
||||
}
|
||||
|
||||
void Account::setAppPassword(QString appPassword){
|
||||
void Account::writeAppPasswordOnce(QString appPassword){
|
||||
if(_wroteAppPassword)
|
||||
return;
|
||||
|
||||
const QString kck = AbstractCredentials::keychainKey(
|
||||
url().toString(),
|
||||
davUser() + app_password,
|
||||
|
@ -524,8 +527,10 @@ void Account::setAppPassword(QString appPassword){
|
|||
job->setInsecureFallback(false);
|
||||
job->setKey(kck);
|
||||
job->setBinaryData(appPassword.toLatin1());
|
||||
connect(job, &WritePasswordJob::finished, [](Job *) {
|
||||
connect(job, &WritePasswordJob::finished, [this](Job *) {
|
||||
qCInfo(lcAccount) << "appPassword stored in keychain";
|
||||
|
||||
_wroteAppPassword = true;
|
||||
});
|
||||
job->start();
|
||||
}
|
||||
|
|
|
@ -243,7 +243,7 @@ public:
|
|||
|
||||
/// Used in RemoteWipe
|
||||
void retrieveAppPassword();
|
||||
void setAppPassword(QString appPassword);
|
||||
void writeAppPasswordOnce(QString appPassword);
|
||||
void deleteAppPassword();
|
||||
|
||||
public slots:
|
||||
|
@ -319,6 +319,9 @@ private:
|
|||
QString _davPath; // defaults to value from theme, might be overwritten in brandings
|
||||
ClientSideEncryption _e2e;
|
||||
|
||||
/// Used in RemoteWipe
|
||||
bool _wroteAppPassword = false;
|
||||
|
||||
friend class AccountManager;
|
||||
};
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue