diff options
| author | Roeland Jago Douma <roeland@famdouma.nl> | 2018-12-06 15:23:28 +0100 |
|---|---|---|
| committer | Roeland Jago Douma <roeland@famdouma.nl> | 2018-12-06 21:14:34 +0100 |
| commit | 1e6711305a9cca956a76f7a0097721a409a2b845 (patch) | |
| tree | c257a6368b0b87edb719b5cce422f8e4fdd19b14 /apps/oauth2/lib | |
| parent | bc35bf14f08f6b91065377d4741762ccfba63814 (diff) | |
| download | nextcloud-server-1e6711305a9cca956a76f7a0097721a409a2b845.tar.gz nextcloud-server-1e6711305a9cca956a76f7a0097721a409a2b845.zip | |
Fail gracefull if an unkown oauth2 client tries to authenticate
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'apps/oauth2/lib')
| -rw-r--r-- | apps/oauth2/lib/Controller/LoginRedirectorController.php | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/apps/oauth2/lib/Controller/LoginRedirectorController.php b/apps/oauth2/lib/Controller/LoginRedirectorController.php index 8e6d6d55e2d..8e8cff1b1a5 100644 --- a/apps/oauth2/lib/Controller/LoginRedirectorController.php +++ b/apps/oauth2/lib/Controller/LoginRedirectorController.php @@ -22,8 +22,12 @@ namespace OCA\OAuth2\Controller; use OCA\OAuth2\Db\ClientMapper; +use OCA\OAuth2\Exceptions\ClientNotFoundException; use OCP\AppFramework\Controller; use OCP\AppFramework\Http\RedirectResponse; +use OCP\AppFramework\Http\Response; +use OCP\AppFramework\Http\TemplateResponse; +use OCP\IL10N; use OCP\IRequest; use OCP\ISession; use OCP\IURLGenerator; @@ -35,6 +39,8 @@ class LoginRedirectorController extends Controller { private $clientMapper; /** @var ISession */ private $session; + /** @var IL10N */ + private $l; /** * @param string $appName @@ -42,16 +48,19 @@ class LoginRedirectorController extends Controller { * @param IURLGenerator $urlGenerator * @param ClientMapper $clientMapper * @param ISession $session + * @param IL10N $l */ public function __construct($appName, IRequest $request, IURLGenerator $urlGenerator, ClientMapper $clientMapper, - ISession $session) { + ISession $session, + IL10N $l) { parent::__construct($appName, $request); $this->urlGenerator = $urlGenerator; $this->clientMapper = $clientMapper; $this->session = $session; + $this->l = $l; } /** @@ -62,12 +71,20 @@ class LoginRedirectorController extends Controller { * @param string $client_id * @param string $state * @param string $response_type - * @return RedirectResponse + * @return Response */ public function authorize($client_id, $state, $response_type) { - $client = $this->clientMapper->getByIdentifier($client_id); + try { + $client = $this->clientMapper->getByIdentifier($client_id); + } catch (ClientNotFoundException $e) { + $response = new TemplateResponse('core', '404', 'guest'); + $response->setParams([ + 'content' => $this->l->t('Your client is not authorized to connect. Please inform the administrator of your client.'), + ]); + return $response; + } if ($response_type !== 'code') { //Fail |