
Fail gracefully if an unknown oauth2 client tries to authenticate

Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
tags/v16.0.0alpha1
Roeland Jago Douma 5 years ago
parent
commit
1e6711305a

+ 20
- 3
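--- a/apps/oauth2/lib/Controller/LoginRedirectorController.php
+++ b/apps/oauth2/lib/Controller/LoginRedirectorController.php
@@ -22,8 +22,12 @@
 namespace OCA\OAuth2\Controller;
 
 use OCA\OAuth2\Db\ClientMapper;
+use OCA\OAuth2\Exceptions\ClientNotFoundException;
 use OCP\AppFramework\Controller;
 use OCP\AppFramework\Http\RedirectResponse;
+use OCP\AppFramework\Http\Response;
+use OCP\AppFramework\Http\TemplateResponse;
+use OCP\IL10N;
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
@@ -35,6 +39,8 @@ class LoginRedirectorController extends Controller {
 private $clientMapper;
 /** @var ISession */
 private $session;
+/** @var IL10N */
+private $l;
 
 /**
 * @param string $appName
@@ -42,16 +48,19 @@ class LoginRedirectorController extends Controller {
 * @param IURLGenerator $urlGenerator
 * @param ClientMapper $clientMapper
 * @param ISession $session
+* @param IL10N $l
 */
 public function __construct($appName,
 IRequest $request,
 IURLGenerator $urlGenerator,
 ClientMapper $clientMapper,
-ISession $session) {
+ISession $session,
+IL10N $l) {
 parent::__construct($appName, $request);
 $this->urlGenerator = $urlGenerator;
 $this->clientMapper = $clientMapper;
 $this->session = $session;
+$this->l = $l;
 }
 
 /**
@@ -62,12 +71,20 @@ class LoginRedirectorController extends Controller {
 * @param string $client_id
 * @param string $state
 * @param string $response_type
-* @return RedirectResponse
+* @return Response
 */
 public function authorize($client_id,
 $state,
 $response_type) {
-$client = $this->clientMapper->getByIdentifier($client_id);
+try {
+$client = $this->clientMapper->getByIdentifier($client_id);
+} catch (ClientNotFoundException $e) {
+$response = new TemplateResponse('core', '404', 'guest');
+$response->setParams([
+'content' => $this->l->t('Your client is not authorized to connect. Please inform the administrator of your client.'),
+]);
+return $response;
+}
 
 if ($response_type !== 'code') {
 //Fail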
+ 6
- 1
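--- a/apps/oauth2/tests/Controller/LoginRedirectorControllerTest.php
+++ b/apps/oauth2/tests/Controller/LoginRedirectorControllerTest.php
@@ -26,6 +26,7 @@ use OCA\OAuth2\Controller\LoginRedirectorController;
 use OCA\OAuth2\Db\Client;
 use OCA\OAuth2\Db\ClientMapper;
 use OCP\AppFramework\Http\RedirectResponse;
+use OCP\IL10N;
 use OCP\IRequest;
 use OCP\ISession;
 use OCP\IURLGenerator;
@@ -44,6 +45,8 @@ class LoginRedirectorControllerTest extends TestCase {
 private $session;
 /** @var LoginRedirectorController */
 private $loginRedirectorController;
+/** @var IL10N */
+private $l;
 
 public function setUp() {
 parent::setUp();
@@ -52,13 +55,15 @@ class LoginRedirectorControllerTest extends TestCase {
 $this->urlGenerator = $this->createMock(IURLGenerator::class);
 $this->clientMapper = $this->createMock(ClientMapper::class);
 $this->session = $this->createMock(ISession::class);
+$this->l = $this->createMock(IL10N::class);
 
 $this->loginRedirectorController = new LoginRedirectorController(
 'oauth2',
 $this->request,
 $this->urlGenerator,
 $this->clientMapper,
-$this->session
+$this->session,
+$this->l
 );
 }
 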
