mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

show error page if no valid client identifier is given and if it is not a API request 

Signed-off-by: Bjoern Schiessle <bjoern@schiessle.org>
This commit is contained in:
Bjoern Schiessle 2017-05-12 12:44:22 +02:00 committed by Lukas Reschke
parent 1a8965b488
commit a74d67b69c
No known key found for this signature in database
GPG Key ID: B9F6980CF6E759B1
1 changed files with 25 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
core/Controller/ClientFlowLoginController.php
View File

@ -151,18 +151,37 @@ class ClientFlowLoginController extends Controller {
*/
public function showAuthPickerPage($clientIdentifier = '',
$oauthState = '') {
$clientName = $this->getClientName();
$client = null;
if($clientIdentifier !== '') {
$client = $this->clientMapper->getByIdentifier($clientIdentifier);
$clientName = $client->getName();
}
$validClient = $client !== null && $client->getClientIdentifier() !== null;
$cookieCheckSuccessful = $this->request->passesStrictCookieCheck();
// no valid clientIdentifier given and no valid API Request (APIRequest header not set)
if ($cookieCheckSuccessful === false && $validClient === false) {
return new TemplateResponse(
$this->appName,
'error',
['errors' =>
[
['error' => 'Access Forbidden', 'hint' => 'Invalid request']
]
]
);
}
$stateToken = $this->random->generate(
64,
ISecureRandom::CHAR_LOWER.ISecureRandom::CHAR_UPPER.ISecureRandom::CHAR_DIGITS
);
$this->session->set(self::stateName, $stateToken);
$clientName = $this->getClientName();
if($clientIdentifier !== '') {
$client = $this->clientMapper->getByIdentifier($clientIdentifier);
$clientName = $client->getName();
}
return new TemplateResponse(
$this->appName,
'loginflow/authpicker',