Merge pull request #11090 from nextcloud/backport/11082/stable14

[stable14] Do not invalidate main token on OAuth
nextcloud · Sep 7, 2018 · e296f7d · e296f7d
2 parents 5b89eff + 5485932
commit e296f7d
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
@@ -366,10 +366,10 @@ public function generateAppPassword($stateToken,
 
 			$serverPath = $protocol . "://" . $this->request->getServerHost() . $serverPostfix;
 			$redirectUri = 'nc://login/server:' . $serverPath . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
-		}
 
-		// Clear the token from the login here
-		$this->tokenProvider->invalidateToken($sessionId);
+			// Clear the token from the login here
+			$this->tokenProvider->invalidateToken($sessionId);
+		}
 
 		return new Http\RedirectResponse($redirectUri);
 	}