From e7a7fdebb994830c70a5134424bbd0e5d79a029c Mon Sep 17 00:00:00 2001
From: Damien Thirion <gnieofmars@gmail.com>
Date: Wed, 13 Dec 2017 23:14:55 +0100
Subject: [PATCH 1/2] Satisfy @PasswordConfirmationRequired when authenticating
 with Bearer Authorisation header

---
 lib/private/User/Session.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index 19b303e46ea1a..a811f038a0eb4 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -748,6 +748,7 @@ public function tryTokenLogin(IRequest $request) {
 		if(!$this->validateToken($token)) {
 			return false;
 		}
+		$this->session->set('last-password-confirm', $this->timeFactory->getTime());
 		return true;
 	}
 

From cc06d8e029c0ea64bdbe2249805372bc9b51d7d9 Mon Sep 17 00:00:00 2001
From: Damien Thirion <gnieofmars@gmail.com>
Date: Tue, 2 Jan 2018 22:02:55 +0100
Subject: [PATCH 2/2] fixup! e7a7fdebb994830c70a5134424bbd0e5d79a029c

---
 lib/private/User/Session.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/lib/private/User/Session.php b/lib/private/User/Session.php
index a811f038a0eb4..27088af880858 100644
--- a/lib/private/User/Session.php
+++ b/lib/private/User/Session.php
@@ -740,6 +740,7 @@ public function tryTokenLogin(IRequest $request) {
 			}
 		} else {
 			$token = substr($authHeader, 7);
+			$loginWithHeader = true;
 		}
 
 		if (!$this->loginWithToken($token)) {
@@ -748,7 +749,10 @@ public function tryTokenLogin(IRequest $request) {
 		if(!$this->validateToken($token)) {
 			return false;
 		}
-		$this->session->set('last-password-confirm', $this->timeFactory->getTime());
+		
+		if($loginWithHeader) {
+			$this->session->set('last-password-confirm', $this->timeFactory->getTime());
+		}
 		return true;
 	}