mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #19964 from nextcloud/bug/19963/invalid-constructor-template-response 

Fix invalid instantiation of TemplateResponse if client not found
This commit is contained in:
Roeland Jago Douma 2020-03-17 19:38:22 +01:00 committed by GitHub
parent 50ec8631c6 509af24bc9
commit 7e1bee3389
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
apps/oauth2/lib/Controller/LoginRedirectorController.php
View File

@ -85,11 +85,10 @@ class LoginRedirectorController extends Controller {
try {
$client = $this->clientMapper->getByIdentifier($client_id);
} catch (ClientNotFoundException $e) {
$response = new TemplateResponse('core', '404', 'guest');
$response->setParams([
$params = [
'content' => $this->l->t('Your client is not authorized to connect. Please inform the administrator of your client.'),
]);
return $response;
];
return new TemplateResponse('core', '404', $params, 'guest');
}
if ($response_type !== 'code') {

22
apps/oauth2/tests/Controller/LoginRedirectorControllerTest.php
View File

@ -24,15 +24,17 @@
namespace OCA\OAuth2\Tests\Controller;
use OCA\Files_Sharing\Tests\TestCase;
use OCA\OAuth2\Controller\LoginRedirectorController;
use OCA\OAuth2\Db\Client;
use OCA\OAuth2\Db\ClientMapper;
use OCA\OAuth2\Exceptions\ClientNotFoundException;
use OCP\AppFramework\Http\RedirectResponse;
use OCP\AppFramework\Http\TemplateResponse;
use OCP\IL10N;
use OCP\IRequest;
use OCP\ISession;
use OCP\IURLGenerator;
use Test\TestCase;
/**
* @group DB
@ -114,4 +116,22 @@ class LoginRedirectorControllerTest extends TestCase {
$expected = new RedirectResponse('http://foo.bar?error=unsupported_response_type&state=MyState');
$this->assertEquals($expected, $this->loginRedirectorController->authorize('MyClientId', 'MyState', 'wrongcode'));
}
public function testClientNotFound() {
$clientNotFound = new ClientNotFoundException('could not find client test123', 0);
$this->clientMapper
->expects($this->once())
->method('getByIdentifier')
->willThrowException($clientNotFound);
$this->session
->expects($this->never())
->method('set');
$response = $this->loginRedirectorController->authorize('MyClientId', 'MyState', 'wrongcode');
$this->assertInstanceOf(TemplateResponse::class, $response);
/** @var TemplateResponse $response */
$this->assertEquals('404', $response->getTemplateName());
$this->assertEquals('guest', $response->getRenderAs());
}
}