diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2018-11-02 09:39:40 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-11-02 09:39:40 +0100 |
| commit | 0f08f3cd41d05500abd50e9947e85f505c76fab6 (patch) | |
| tree | d8f404197d64d68912ff1875f662ae8411dec002 | |
| parent | d836b853ea5b66c0094f3cad7d8665c446cbeb29 (diff) | |
| parent | 92582a350d295f123d08f16f09e06baa4bc4733c (diff) | |
| download | nextcloud-server-0f08f3cd41d05500abd50e9947e85f505c76fab6.tar.gz nextcloud-server-0f08f3cd41d05500abd50e9947e85f505c76fab6.zip | |
Merge pull request #12177 from nextcloud/fix/apptoken_login_flow_proper_host
Use the proper server for the apptoken flow login
| -rw-r--r-- | core/Controller/ClientFlowLoginController.php | 44 | ||||
| -rw-r--r-- | tests/Core/Controller/ClientFlowLoginControllerTest.php | 10 |
2 files changed, 31 insertions, 23 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php index 088a6a98699..2e8216c2ba5 100644 --- a/core/Controller/ClientFlowLoginController.php +++ b/core/Controller/ClientFlowLoginController.php @@ -197,7 +197,7 @@ class ClientFlowLoginController extends Controller { 'instanceName' => $this->defaults->getName(), 'urlGenerator' => $this->urlGenerator, 'stateToken' => $stateToken, - 'serverHost' => $this->request->getServerHost(), + 'serverHost' => $this->getServerPath(), 'oauthState' => $this->session->get('oauth.state'), ], 'guest' @@ -235,7 +235,7 @@ class ClientFlowLoginController extends Controller { 'instanceName' => $this->defaults->getName(), 'urlGenerator' => $this->urlGenerator, 'stateToken' => $stateToken, - 'serverHost' => $this->request->getServerHost(), + 'serverHost' => $this->getServerPath(), 'oauthState' => $this->session->get('oauth.state'), ], 'guest' @@ -345,32 +345,34 @@ class ClientFlowLoginController extends Controller { ); $this->session->remove('oauth.state'); } else { - $serverPostfix = ''; + $redirectUri = 'nc://login/server:' . $this->getServerPath() . '&user:' . urlencode($loginName) . '&password:' . urlencode($token); - if (strpos($this->request->getRequestUri(), '/index.php') !== false) { - $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/index.php')); - } else if (strpos($this->request->getRequestUri(), '/login/flow') !== false) { - $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow')); - } + // Clear the token from the login here + $this->tokenProvider->invalidateToken($sessionId); + } - $protocol = $this->request->getServerProtocol(); + return new Http\RedirectResponse($redirectUri); + } - if ($protocol !== "https") { - $xForwardedProto = $this->request->getHeader('X-Forwarded-Proto'); - $xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl'); - if ($xForwardedProto === 'https' || $xForwardedSSL === 'on') { - $protocol = 'https'; - } - } + private function getServerPath(): string { + $serverPostfix = ''; + if (strpos($this->request->getRequestUri(), '/index.php') !== false) { + $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/index.php')); + } else if (strpos($this->request->getRequestUri(), '/login/flow') !== false) { + $serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow')); + } - $serverPath = $protocol . "://" . $this->request->getServerHost() . $serverPostfix; - $redirectUri = 'nc://login/server:' . $serverPath . '&user:' . urlencode($loginName) . '&password:' . urlencode($token); + $protocol = $this->request->getServerProtocol(); - // Clear the token from the login here - $this->tokenProvider->invalidateToken($sessionId); + if ($protocol !== "https") { + $xForwardedProto = $this->request->getHeader('X-Forwarded-Proto'); + $xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl'); + if ($xForwardedProto === 'https' || $xForwardedSSL === 'on') { + $protocol = 'https'; + } } - return new Http\RedirectResponse($redirectUri); + return $protocol . "://" . $this->request->getServerHost() . $serverPostfix; } } diff --git a/tests/Core/Controller/ClientFlowLoginControllerTest.php b/tests/Core/Controller/ClientFlowLoginControllerTest.php index 7fe87df026f..b54897ddc44 100644 --- a/tests/Core/Controller/ClientFlowLoginControllerTest.php +++ b/tests/Core/Controller/ClientFlowLoginControllerTest.php @@ -162,6 +162,9 @@ class ClientFlowLoginControllerTest extends TestCase { ->expects($this->once()) ->method('getServerHost') ->willReturn('example.com'); + $this->request + ->method('getServerProtocol') + ->willReturn('https'); $expected = new TemplateResponse( 'core', @@ -172,7 +175,7 @@ class ClientFlowLoginControllerTest extends TestCase { 'instanceName' => 'ExampleCloud', 'urlGenerator' => $this->urlGenerator, 'stateToken' => 'StateToken', - 'serverHost' => 'example.com', + 'serverHost' => 'https://example.com', 'oauthState' => 'OauthStateToken', ], 'guest' @@ -218,6 +221,9 @@ class ClientFlowLoginControllerTest extends TestCase { ->expects($this->once()) ->method('getServerHost') ->willReturn('example.com'); + $this->request + ->method('getServerProtocol') + ->willReturn('https'); $expected = new TemplateResponse( 'core', @@ -228,7 +234,7 @@ class ClientFlowLoginControllerTest extends TestCase { 'instanceName' => 'ExampleCloud', 'urlGenerator' => $this->urlGenerator, 'stateToken' => 'StateToken', - 'serverHost' => 'example.com', + 'serverHost' => 'https://example.com', 'oauthState' => 'OauthStateToken', ], 'guest' |