UserSecretStorage is missing PDO::ERRMODE_EXCEPTION

[pmeulen]

UserSecretStorage is missing the option array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION) in https://github.com/Tiqr/tiqr-server-libphp/blob/develop/library/tiqr/Tiqr/UserSecretStorage.php#L77 Because the error handling does expect exceptions from the PDO calls, errors reading or writing the user secret are not detected at this point, leading to errors later in the authentication process.

[tvdijen]

Is this the reason behind issue https://github.com/OpenConext/Stepup-tiqr/issues/164 ?

[pmeulen]

Yes, this is why the failed write of the secret is not detected in Stepup-tiqr.