Merge pull request #7859 from nextcloud/master-7806

Fix bug with proxies
This commit is contained in:
Joas Schilling 2018-01-15 10:59:04 +01:00 committed by GitHub
commit dbd1620cef
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 135 additions and 1 deletions

View File

@ -315,7 +315,18 @@ class ClientFlowLoginController extends Controller {
$serverPostfix = substr($this->request->getRequestUri(), 0, strpos($this->request->getRequestUri(), '/login/flow'));
}
$serverPath = $this->request->getServerProtocol() . "://" . $this->request->getServerHost() . $serverPostfix;
$protocol = $this->request->getServerProtocol();
if ($protocol !== "https") {
$xForwardedProto = $this->request->getHeader('X-Forwarded-Proto');
$xForwardedSSL = $this->request->getHeader('X-Forwarded-Ssl');
if ($xForwardedProto === 'https' || $xForwardedSSL === 'on') {
$protocol = 'https';
}
}
$serverPath = $protocol . "://" . $this->request->getServerHost() . $serverPostfix;
$redirectUri = 'nc://login/server:' . $serverPath . '&user:' . urlencode($loginName) . '&password:' . urlencode($token);
}

View File

@ -587,4 +587,127 @@ class ClientFlowLoginControllerTest extends TestCase {
$expected = new Http\RedirectResponse('nc://login/server:http://example.com&user:MyLoginName&password:MyGeneratedToken');
$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
}
public function dataGeneratePasswordWithHttpsProxy() {
return [
[
[
['X-Forwarded-Proto', 'http'],
['X-Forwarded-Ssl', 'off'],
],
'http',
'http',
],
[
[
['X-Forwarded-Proto', 'http'],
['X-Forwarded-Ssl', 'off'],
],
'https',
'https',
],
[
[
['X-Forwarded-Proto', 'https'],
['X-Forwarded-Ssl', 'off'],
],
'http',
'https',
],
[
[
['X-Forwarded-Proto', 'https'],
['X-Forwarded-Ssl', 'on'],
],
'http',
'https',
],
[
[
['X-Forwarded-Proto', 'http'],
['X-Forwarded-Ssl', 'on'],
],
'http',
'https',
],
];
}
/**
* @dataProvider dataGeneratePasswordWithHttpsProxy
* @param array $headers
* @param string $protocol
* @param string $expected
*/
public function testGeneratePasswordWithHttpsProxy(array $headers, $protocol, $expected) {
$this->session
->expects($this->once())
->method('get')
->with('client.flow.state.token')
->willReturn('MyStateToken');
$this->session
->expects($this->once())
->method('remove')
->with('client.flow.state.token');
$this->session
->expects($this->once())
->method('getId')
->willReturn('SessionId');
$myToken = $this->createMock(IToken::class);
$myToken
->expects($this->once())
->method('getLoginName')
->willReturn('MyLoginName');
$this->tokenProvider
->expects($this->once())
->method('getToken')
->with('SessionId')
->willReturn($myToken);
$this->tokenProvider
->expects($this->once())
->method('getPassword')
->with($myToken, 'SessionId')
->willReturn('MyPassword');
$this->random
->expects($this->once())
->method('generate')
->with(72)
->willReturn('MyGeneratedToken');
$user = $this->createMock(IUser::class);
$user
->expects($this->once())
->method('getUID')
->willReturn('MyUid');
$this->userSession
->expects($this->once())
->method('getUser')
->willReturn($user);
$this->tokenProvider
->expects($this->once())
->method('generateToken')
->with(
'MyGeneratedToken',
'MyUid',
'MyLoginName',
'MyPassword',
'unknown',
IToken::PERMANENT_TOKEN,
IToken::DO_NOT_REMEMBER
);
$this->request
->expects($this->once())
->method('getServerProtocol')
->willReturn($protocol);
$this->request
->expects($this->once())
->method('getServerHost')
->willReturn('example.com');
$this->request
->expects($this->atLeastOnce())
->method('getHeader')
->willReturnMap($headers);
$expected = new Http\RedirectResponse('nc://login/server:' . $expected . '://example.com&user:MyLoginName&password:MyGeneratedToken');
$this->assertEquals($expected, $this->clientFlowLoginController->generateAppPassword('MyStateToken'));
}
}