Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(updater): Stop expiring secret prematurely #49578

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

fix(updater): Stop expiring secret prematurely #49578

wants to merge 1 commit into from
+102 −23

Conversation

joshtrichards
Copy link
Member

@joshtrichards joshtrichards commented Dec 1, 2024
edited
Loading

Summary

#43967 introduced a regression in the handling of the expiration of updater.secret. The result is that updater.secret is expired at the next job interval (~10 minutes). If the web Updater takes >10 minutes this prevents it from continuing.

  • Fixed expiration handling
  • Added logging when we expire the secret
  • Added cleanup of the updater.secret.created value when we expire a secret
  • Added handling for config_is_read_only in the AdminController
  • Changed ResetToken background job unit tests to catch the scenario addressed by this PR
  • Expanded ResetToken background job unit test coverage in general
  • Expanded AdminController unit test coverage in general

TODO

  • Tests: Confirm new tests are working (I eliminated the static used in the ResetToken test since it didn't seem to serve a purpose but I may have broken it so may require another look)

Checklist

@joshtrichards joshtrichards mentioned this pull request Dec 1, 2024
Open
@joshtrichards joshtrichards force-pushed the fix-updater-secret branch 2 times, most recently from 9e53b31 to 232970e Compare December 1, 2024 20:06
@joshtrichards joshtrichards added this to the Nextcloud 31 milestone Dec 1, 2024
@joshtrichards
Copy link
Member Author

/backport to stable30

@joshtrichards
Copy link
Member Author

/backport to stable29

@joshtrichards joshtrichards force-pushed the fix-updater-secret branch 8 times, most recently from 6ee7f8c to b77688a Compare December 1, 2024 21:18
@joshtrichards joshtrichards marked this pull request as ready for review December 1, 2024 21:24
@joshtrichards joshtrichards added the 3. to review Waiting for reviews label Dec 1, 2024
@joshtrichards
fix(updater): Stop expiring secret prematurely
3785f09 
Signed-off-by: Josh Richards <josh.t.richards@gmail.com>
nickvergessen
nickvergessen requested changes Dec 1, 2024
View reviewed changes
apps/updatenotification/lib/BackgroundJob/ResetToken.php
}

/**
* @param $argument
*/
protected function run($argument) {
if ($this->config->getSystemValueBool('config_is_read_only')) {
$this->logger->debug('Skipping `updater.secret` reset since config_is_read_only is set', ['app' => 'updatenotification']);
return;
}

$secretCreated = $this->appConfig->getValueInt('core', 'updater.secret.created', $this->time->getTime());
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$secretCreated = $this->appConfig->getValueInt('core', 'updater.secret.created', $this->time->getTime());
$secretCreated = $this->appConfig->getValueInt('core', 'updater.secret.created');
if ($secretCreated === 0) {
...

Should handle the "does not even exist" case.
Or should we even always try the delete of the updater.secret, when the timestamp is missing?

apps/updatenotification/lib/BackgroundJob/ResetToken.php
return;
}

$secretCreated = $this->appConfig->getValueInt('core', 'updater.secret.created', $this->time->getTime());
// Delete old tokens after 2 days
if ($secretCreated >= 172800) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What an oversight 🙈

apps/updatenotification/tests/BackgroundJob/ResetTokenTest.php

static::invokePrivate($this->resetTokenBackgroundJob, 'run', [null]);
$this->invokePrivate($this->resetTokenBackgroundJob, 'run', [null]);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
$this->invokePrivate($this->resetTokenBackgroundJob, 'run', [null]);
static::invokePrivate($this->resetTokenBackgroundJob, 'run', [null]);

Static is the correct/new stuff. $this->invokePrivate actually generates a warning in IDEs?

Ref ffb3a3e

apps/updatenotification/tests/BackgroundJob/ResetTokenTest.php
);
}

public function testRunWithNotExpiredToken(): void {
public function testRunWithNotExpiredToken(): void { // Affirm if updater.secret.created <48 hours ago then `updater.secret` is left alone
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Make the comment part of the function name, so the failing test explains it right away without diving into test code,
Otherwise at least make it a proper doc block above the test case

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nickvergessen nickvergessen nickvergessen requested changes

@susnux susnux Awaiting requested review from susnux

@blizzz blizzz Awaiting requested review from blizzz

@tcitworld tcitworld Awaiting requested review from tcitworld

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
3. to review Waiting for reviews backport-request bug feature: authentication feature: install and update regression
Projects
None yet
Milestone
Nextcloud 31
Development

Successfully merging this pull request may close these issues.

Web update cannot continue after long backup Log updater.secret creation and expiration
2 participants
@joshtrichards @nickvergessen