Fail gracefull if an unkown oauth2 client tries to authenticate
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
parent
bc35bf14f0
commit
1e6711305a
|
@ -22,8 +22,12 @@
|
|||
namespace OCA\OAuth2\Controller;
|
||||
|
||||
use OCA\OAuth2\Db\ClientMapper;
|
||||
use OCA\OAuth2\Exceptions\ClientNotFoundException;
|
||||
use OCP\AppFramework\Controller;
|
||||
use OCP\AppFramework\Http\RedirectResponse;
|
||||
use OCP\AppFramework\Http\Response;
|
||||
use OCP\AppFramework\Http\TemplateResponse;
|
||||
use OCP\IL10N;
|
||||
use OCP\IRequest;
|
||||
use OCP\ISession;
|
||||
use OCP\IURLGenerator;
|
||||
|
@ -35,6 +39,8 @@ class LoginRedirectorController extends Controller {
|
|||
private $clientMapper;
|
||||
/** @var ISession */
|
||||
private $session;
|
||||
/** @var IL10N */
|
||||
private $l;
|
||||
|
||||
/**
|
||||
* @param string $appName
|
||||
|
@ -42,16 +48,19 @@ class LoginRedirectorController extends Controller {
|
|||
* @param IURLGenerator $urlGenerator
|
||||
* @param ClientMapper $clientMapper
|
||||
* @param ISession $session
|
||||
* @param IL10N $l
|
||||
*/
|
||||
public function __construct($appName,
|
||||
IRequest $request,
|
||||
IURLGenerator $urlGenerator,
|
||||
ClientMapper $clientMapper,
|
||||
ISession $session) {
|
||||
ISession $session,
|
||||
IL10N $l) {
|
||||
parent::__construct($appName, $request);
|
||||
$this->urlGenerator = $urlGenerator;
|
||||
$this->clientMapper = $clientMapper;
|
||||
$this->session = $session;
|
||||
$this->l = $l;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -62,12 +71,20 @@ class LoginRedirectorController extends Controller {
|
|||
* @param string $client_id
|
||||
* @param string $state
|
||||
* @param string $response_type
|
||||
* @return RedirectResponse
|
||||
* @return Response
|
||||
*/
|
||||
public function authorize($client_id,
|
||||
$state,
|
||||
$response_type) {
|
||||
try {
|
||||
$client = $this->clientMapper->getByIdentifier($client_id);
|
||||
} catch (ClientNotFoundException $e) {
|
||||
$response = new TemplateResponse('core', '404', 'guest');
|
||||
$response->setParams([
|
||||
'content' => $this->l->t('Your client is not authorized to connect. Please inform the administrator of your client.'),
|
||||
]);
|
||||
return $response;
|
||||
}
|
||||
|
||||
if ($response_type !== 'code') {
|
||||
//Fail
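Review bot: In the new `catch (ClientNotFoundException $e)` branch of `authorize()`, `new TemplateResponse('core', '404', 'guest')` passes `'guest'` as the third argument, which in OCP's `TemplateResponse` constructor (as I read the public API) is the `array $params` slot, with `$renderAs` fourth; as written the call would likely raise a TypeError instead of rendering the guest page, so the graceful path would not complete. Passing the parameters through the constructor avoids this: `return new TemplateResponse('core', '404', ['content' => $this->l->t('…')], 'guest');`, with the existing message as the `t()` argument. As far as the hunk shows, the response also keeps the default 200 status; if a 404 is intended, `$response->setStatus(Http::STATUS_NOT_FOUND);` (plus `use OCP\AppFramework\Http;`) would make that explicit for clients and for log-based monitoring of rejected client ids. Rendering an error page rather than redirecting is the right behaviour for an unregistered `client_id`, since no redirect URI can be trusted at that point. The body of `authorize()` continues past the end of the hunk.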
|
||||
|
|
|
@ -26,6 +26,7 @@ use OCA\OAuth2\Controller\LoginRedirectorController;
|
|||
use OCA\OAuth2\Db\Client;
|
||||
use OCA\OAuth2\Db\ClientMapper;
|
||||
use OCP\AppFramework\Http\RedirectResponse;
|
||||
use OCP\IL10N;
|
||||
use OCP\IRequest;
|
||||
use OCP\ISession;
|
||||
use OCP\IURLGenerator;
|
||||
|
@ -44,6 +45,8 @@ class LoginRedirectorControllerTest extends TestCase {
|
|||
private $session;
|
||||
/** @var LoginRedirectorController */
|
||||
private $loginRedirectorController;
|
||||
/** @var IL10N */
|
||||
private $l;
|
||||
|
||||
public function setUp() {
|
||||
parent::setUp();
|
||||
|
@ -52,13 +55,15 @@ class LoginRedirectorControllerTest extends TestCase {
|
|||
$this->urlGenerator = $this->createMock(IURLGenerator::class);
|
||||
$this->clientMapper = $this->createMock(ClientMapper::class);
|
||||
$this->session = $this->createMock(ISession::class);
|
||||
$this->l = $this->createMock(IL10N::class);
|
||||
|
||||
$this->loginRedirectorController = new LoginRedirectorController(
|
||||
'oauth2',
|
||||
$this->request,
|
||||
$this->urlGenerator,
|
||||
$this->clientMapper,
|
||||
$this->session
|
||||
$this->session,
|
||||
$this->l
|
||||
);
|
||||
}
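Review bot: No test in the visible hunks exercises the unknown-client branch this commit adds to `authorize()`; the changes here only thread the new `IL10N` mock through `setUp()`. A case that stubs the mapper with `$this->clientMapper->method('getByIdentifier')->willThrowException(new ClientNotFoundException());` (importing `OCA\OAuth2\Exceptions\ClientNotFoundException`) and asserts that `authorize('unknown', 'state', 'code')` returns a `TemplateResponse` rather than a `RedirectResponse` would execute the error path, including the response construction. It would also pin the property that an unregistered client never reaches the redirect logic. The test class continues outside the shown hunks, so such a case may already exist elsewhere in the file.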
|
||||
|
||||
|
|