diff options
author | Thomas Bruederli <thomas@roundcube.net> | 2022-10-29 23:24:09 +0300 |
---|---|---|
committer | Thomas Bruederli <thomas@roundcube.net> | 2022-10-29 23:24:09 +0300 |
commit | 6b2e39d13252064040912898e58b6297f80396c9 (patch) | |
tree | e3b0031c490e0b1df3e178f0c26716e83ba17d76 | |
parent | 901b1bb8f14517655c203cd79b20548e60ffad20 (diff) |
Kill session if refreshing oauth token fails (#8734)
-rw-r--r-- | program/include/rcmail_oauth.php | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/program/include/rcmail_oauth.php b/program/include/rcmail_oauth.php index b2f954c7e..618438388 100644 --- a/program/include/rcmail_oauth.php +++ b/program/include/rcmail_oauth.php @@ -409,6 +409,11 @@ class rcmail_oauth ], true, false ); + // refrehsing token failed, mark session as expired + if ($e->getCode() >= 400 && $e->getCode() < 500) { + $this->rcmail->kill_session(); + } + return false; } catch (Exception $e) { @@ -451,7 +456,7 @@ class rcmail_oauth */ protected function check_token_validity($token) { - if ($token['expires'] < time() && isset($token['refresh_token']) && empty($this->last_error)) { + if (1 || $token['expires'] < time() && isset($token['refresh_token']) && empty($this->last_error)) { return $this->refresh_access_token($token) !== false; } return false; |