revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-23 15:22:41 +01:00
Code Issues Releases Wiki Activity

Fix exception in OAuthServerAuthController

Browse source 
Summary:
We've been building a Jenkins plugin that allows you to use your Phabricator login details in Jenkins using the inbuilt OAuthServer. I noticed that when making a request to /oauthserver/auth/?client_id=&response_type=code I get an error back from the server.

I've traced this down to two bugs in PhabricatorOAuthServerAuthController, the first causes a null value error on $access_token_uri, and the second fails on userHasAuthorizedClient without a $scope array.

Test Plan: Go to /oauthserver/auth/?client_id=<client_id>&response_type=code and get a valid authorization code back

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4808
This commit is contained in:
Toby Hughes 2013-02-06 08:59:53 -08:00 committed by epriestley
parent f912fa1ab7
commit 1188876ea9
1 changed files with 2 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/applications/oauthserver/controller/PhabricatorOAuthServerAuthController.php
View file

@ -15,7 +15,7 @@ extends PhabricatorAuthController {
$current_user = $request->getUser(); $current_user = $request->getUser();
$server = new PhabricatorOAuthServer(); $server = new PhabricatorOAuthServer();
$client_phid = $request->getStr('client_id'); $client_phid = $request->getStr('client_id');
$scope = $request->getStr('scope'); $scope = $request->getStr('scope', array());
$redirect_uri = $request->getStr('redirect_uri'); $redirect_uri = $request->getStr('redirect_uri');
$state = $request->getStr('state'); $state = $request->getStr('state');
$response_type = $request->getStr('response_type'); $response_type = $request->getStr('response_type');
@ -63,10 +63,8 @@ extends PhabricatorAuthController {
return $response; return $response;
} }
$uri = $redirect_uri; $uri = $redirect_uri;
$access_token_uri = $uri;
} else { } else {
$uri = new PhutilURI($client->getRedirectURI()); $uri = new PhutilURI($client->getRedirectURI());
$access_token_uri = null;
} }
// we've now validated this request enough overall such that we // we've now validated this request enough overall such that we
// can safely redirect to the client with the response // can safely redirect to the client with the response
@ -121,7 +119,7 @@ extends PhabricatorAuthController {
if ($return_auth_code) { if ($return_auth_code) {
// step 1 -- generate authorization code // step 1 -- generate authorization code
$auth_code = $auth_code =
$server->generateAuthorizationCode($access_token_uri); $server->generateAuthorizationCode($uri);
// step 2 return it // step 2 return it
$content = array( $content = array(