diff options
Diffstat (limited to 'phpBB/phpbb/auth/provider')
-rw-r--r-- | phpBB/phpbb/auth/provider/oauth/oauth.php | 2 | ||||
-rw-r--r-- | phpBB/phpbb/auth/provider/oauth/token_storage.php | 22 |
2 files changed, 21 insertions, 3 deletions
diff --git a/phpBB/phpbb/auth/provider/oauth/oauth.php b/phpBB/phpbb/auth/provider/oauth/oauth.php index c1c27c979f..142c209c0a 100644 --- a/phpBB/phpbb/auth/provider/oauth/oauth.php +++ b/phpBB/phpbb/auth/provider/oauth/oauth.php @@ -613,7 +613,7 @@ class phpbb_auth_provider_oauth extends phpbb_auth_provider_base // Clear all tokens belonging to the user on this servce $service_name = 'auth.provider.oauth.service.' . strtolower($link_data['oauth_service']); $storage = new phpbb_auth_provider_oauth_token_storage($this->db, $this->user, $service_name, $this->auth_provider_oauth_token_storage_table); - $storage->clearToken(); + $storage->clearToken($service_name); return; } diff --git a/phpBB/phpbb/auth/provider/oauth/token_storage.php b/phpBB/phpbb/auth/provider/oauth/token_storage.php index c0fce10e17..96f2e2fb0a 100644 --- a/phpBB/phpbb/auth/provider/oauth/token_storage.php +++ b/phpBB/phpbb/auth/provider/oauth/token_storage.php @@ -145,13 +145,31 @@ class phpbb_auth_provider_oauth_token_storage implements TokenStorageInterface /** * {@inheritdoc} */ - public function clearToken() + public function clearToken($service) { $this->cachedToken = null; $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' WHERE user_id = ' . $this->user->data['user_id'] . " - AND provider = '" . $this->db->sql_escape($this->service_name) . "'"; + AND provider = '" . $this->db->sql_escape($service) . "'"; + + if ($this->user->data['user_id'] === ANONYMOUS) + { + $sql .= " AND session_id = '" . $this->user->data['session_id'] . "'"; + } + + $this->db->sql_query($sql); + } + + /** + * {@inheritdoc} + */ + public function clearAllTokens() + { + $this->cachedToken = null; + + $sql = 'DELETE FROM ' . $this->auth_provider_oauth_table . ' + WHERE user_id = ' . $this->user->data['user_id']; if ($this->user->data['user_id'] === ANONYMOUS) { |