From 9e83e04e4c589722f2576c4585fc9021d55b4f5e Mon Sep 17 00:00:00 2001
From: Arthur Schiwon <blizzz@arthur-schiwon.de>
Date: Wed, 20 Dec 2023 16:22:56 +0100
Subject: [PATCH] debug(session): log token takeover

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
---
 lib/Controller/SAMLController.php | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/lib/Controller/SAMLController.php b/lib/Controller/SAMLController.php
index 3e94c0b67..ddbf71e11 100644
--- a/lib/Controller/SAMLController.php
+++ b/lib/Controller/SAMLController.php
@@ -48,6 +48,7 @@
 use OneLogin\Saml2\Error;
 use OneLogin\Saml2\Settings;
 use OneLogin\Saml2\ValidationError;
+use function OCP\Log\logger;
 
 class SAMLController extends Controller {
 	use TXmlHelper;
@@ -227,11 +228,20 @@ public function login(int $idp = 1) {
 
 				if ($this->session->get(ClientFlowLoginController::STATE_NAME) !== null) {
 					$flowData['cf1'] = $this->session->get(ClientFlowLoginController::STATE_NAME);
+					logger('core')->error('Transporting login flow token', [
+						'requestToken' => $this->session->get(ClientFlowLoginController::STATE_NAME),
+					]);
 				} elseif ($this->session->get(ClientFlowLoginV2Controller::TOKEN_NAME) !== null) {
 					$flowData['cf2'] = [
 						'token' => $this->session->get(ClientFlowLoginV2Controller::TOKEN_NAME),
 						'state' => $this->session->get(ClientFlowLoginV2Controller::STATE_NAME),
 					];
+					logger('core')->error('Transporting login flow tokens', [
+						'sessionToken' => $this->session->get(ClientFlowLoginV2Controller::TOKEN_NAME),
+						'requestToken' => $this->session->get(ClientFlowLoginV2Controller::STATE_NAME),
+					]);
+				} else {
+					logger('core')->error('No login flow tokens found');
 				}
 
 				// Pack data as JSON so we can properly extract it later