mirrors
/
nextcloud
зеркало из https://github.com/nextcloud/server.git
Следить 1
В избранное 0
Форкнуть 0
Код Задачи 0 Релизы 993 Вики Активность
Просмотр исходного кода

fix(auth): Keep redirect URL during 2FA setup and challenge 

Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
backport/44745/stable29
Christoph Wurst 1 месяц назад
Родитель
be6cf3a439
Сommit
67071f8875
4 измененных файлов: 17 добавлений и 8 удалений
Единый вид Показать статистику Diff
  1. 6
    3
      core/Controller/TwoFactorChallengeController.php
  2. 4
    2
      core/Middleware/TwoFactorMiddleware.php
  3. 1
    0
      core/templates/twofactorsetupselection.php
  4. 6
    3
      tests/Core/Controller/TwoFactorChallengeControllerTest.php

+ 6
- 3
core/Controller/TwoFactorChallengeController.php Просмотреть файл

* @NoCSRFRequired * @NoCSRFRequired
*/ */
#[FrontpageRoute(verb: 'GET', url: 'login/setupchallenge')] #[FrontpageRoute(verb: 'GET', url: 'login/setupchallenge')]
public function setupProviders(): StandaloneTemplateResponse {
public function setupProviders(?string $redirect_url = null): StandaloneTemplateResponse {
$user = $this->userSession->getUser(); $user = $this->userSession->getUser();
$setupProviders = $this->twoFactorManager->getLoginSetupProviders($user); $setupProviders = $this->twoFactorManager->getLoginSetupProviders($user);


$data = [ $data = [
'providers' => $setupProviders, 'providers' => $setupProviders,
'logout_url' => $this->getLogoutUrl(), 'logout_url' => $this->getLogoutUrl(),
'redirect_url' => $redirect_url,
]; ];


return new StandaloneTemplateResponse($this->appName, 'twofactorsetupselection', $data, 'guest'); return new StandaloneTemplateResponse($this->appName, 'twofactorsetupselection', $data, 'guest');
* @NoCSRFRequired * @NoCSRFRequired
*/ */
#[FrontpageRoute(verb: 'GET', url: 'login/setupchallenge/{providerId}')] #[FrontpageRoute(verb: 'GET', url: 'login/setupchallenge/{providerId}')]
public function setupProvider(string $providerId) {
public function setupProvider(string $providerId, ?string $redirect_url = null) {
$user = $this->userSession->getUser(); $user = $this->userSession->getUser();
$providers = $this->twoFactorManager->getLoginSetupProviders($user); $providers = $this->twoFactorManager->getLoginSetupProviders($user);


$data = [ $data = [
'provider' => $provider, 'provider' => $provider,
'logout_url' => $this->getLogoutUrl(), 'logout_url' => $this->getLogoutUrl(),
'redirect_url' => $redirect_url,
'template' => $tmpl->fetchPage(), 'template' => $tmpl->fetchPage(),
]; ];
$response = new StandaloneTemplateResponse($this->appName, 'twofactorsetupchallenge', $data, 'guest'); $response = new StandaloneTemplateResponse($this->appName, 'twofactorsetupchallenge', $data, 'guest');
* @todo handle the extreme edge case of an invalid provider ID and redirect to the provider selection page * @todo handle the extreme edge case of an invalid provider ID and redirect to the provider selection page
*/ */
#[FrontpageRoute(verb: 'POST', url: 'login/setupchallenge/{providerId}')] #[FrontpageRoute(verb: 'POST', url: 'login/setupchallenge/{providerId}')]
public function confirmProviderSetup(string $providerId) {
public function confirmProviderSetup(string $providerId, ?string $redirect_url = null) {
return new RedirectResponse($this->urlGenerator->linkToRoute( return new RedirectResponse($this->urlGenerator->linkToRoute(
'core.TwoFactorChallenge.showChallenge', 'core.TwoFactorChallenge.showChallenge',
[ [
'challengeProviderId' => $providerId, 'challengeProviderId' => $providerId,
'redirect_url' => $redirect_url,
] ]
)); ));
} }

+ 4
- 2
core/Middleware/TwoFactorMiddleware.php Просмотреть файл



public function afterException($controller, $methodName, Exception $exception) { public function afterException($controller, $methodName, Exception $exception) {
if ($exception instanceof TwoFactorAuthRequiredException) { if ($exception instanceof TwoFactorAuthRequiredException) {
$params = [];
if (isset($this->request->server['REQUEST_URI'])) {
$params = [
'redirect_url' => $this->request->getParam('redirect_url'),
];
if (!isset($params['redirect_url']) && isset($this->request->server['REQUEST_URI'])) {
$params['redirect_url'] = $this->request->server['REQUEST_URI']; $params['redirect_url'] = $this->request->server['REQUEST_URI'];
} }
return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', $params)); return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', $params));

+ 1
- 0
core/templates/twofactorsetupselection.php Просмотреть файл

href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.setupProvider', href="<?php p(\OC::$server->getURLGenerator()->linkToRoute('core.TwoFactorChallenge.setupProvider',
[ [
'providerId' => $provider->getId(), 'providerId' => $provider->getId(),
'redirect_url' => $_['redirect_url'],
] ]
)) ?>"> )) ?>">
<?php <?php

+ 6
- 3
tests/Core/Controller/TwoFactorChallengeControllerTest.php Просмотреть файл

$this->assertEquals($expected, $this->controller->solveChallenge('myprovider', 'token', '/url')); $this->assertEquals($expected, $this->controller->solveChallenge('myprovider', 'token', '/url'));
} }


public function testSetUpProviders() {
public function testSetUpProviders(): void {
$user = $this->createMock(IUser::class); $user = $this->createMock(IUser::class);
$this->userSession->expects($this->once()) $this->userSession->expects($this->once())
->method('getUser') ->method('getUser')
$provider, $provider,
], ],
'logout_url' => 'logoutAttribute', 'logout_url' => 'logoutAttribute',
'redirect_url' => null,
], ],
'guest' 'guest'
); );
$this->assertEquals($expected, $response); $this->assertEquals($expected, $response);
} }


public function testSetUpProvider() {
public function testSetUpProvider(): void {
$user = $this->createMock(IUser::class); $user = $this->createMock(IUser::class);
$this->userSession->expects($this->once()) $this->userSession->expects($this->once())
->method('getUser') ->method('getUser')
'provider' => $provider, 'provider' => $provider,
'logout_url' => 'logoutAttribute', 'logout_url' => 'logoutAttribute',
'template' => 'tmpl', 'template' => 'tmpl',
'redirect_url' => null,
], ],
'guest' 'guest'
); );
$this->assertEquals($expected, $response); $this->assertEquals($expected, $response);
} }


public function testConfirmProviderSetup() {
public function testConfirmProviderSetup(): void {
$this->urlGenerator->expects($this->once()) $this->urlGenerator->expects($this->once())
->method('linkToRoute') ->method('linkToRoute')
->with( ->with(
'core.TwoFactorChallenge.showChallenge', 'core.TwoFactorChallenge.showChallenge',
[ [
'challengeProviderId' => 'totp', 'challengeProviderId' => 'totp',
'redirect_url' => null,
]) ])
->willReturn('2fa/select/page'); ->willReturn('2fa/select/page');
$expected = new RedirectResponse('2fa/select/page'); $expected = new RedirectResponse('2fa/select/page');

Редактирование Предпросмотр
Загрузка…
Отмена
Сохранить