mirror of
https://we.phorge.it/source/phorge.git
synced 2024-09-20 09:18:48 +02:00
Straighten out absolute/relative URIs in login providers
Summary: Ref T4339. Login providers use absolute URIs, but the ones that rely on local form submits should not, because we want to include CSRF tokens where applicable. Instead, make the default be relative URIs and turn them into absolute ones for the callback proivders. Test Plan: Clicked, like, every login button. Reviewers: btrahan Reviewed By: btrahan CC: aran Maniphest Tasks: T4339 Differential Revision: https://secure.phabricator.com/D8045
This commit is contained in:
epriestley
parent
a2515921b6
commit
24544b1a2f
12 changed files with 14 additions and 15 deletions
|
|
@ -259,8 +259,7 @@ abstract class PhabricatorAuthProvider {
|
|||
|
||||
public function getLoginURI() {
|
||||
$app = PhabricatorApplication::getByClass('PhabricatorApplicationAuth');
|
||||
$uri = $app->getApplicationURI('/login/'.$this->getProviderKey().'/');
|
||||
return PhabricatorEnv::getURI($uri);
|
||||
return $app->getApplicationURI('/login/'.$this->getProviderKey().'/');
|
||||
}
|
||||
|
||||
public function getSettingsURI() {
|
||||
|
|
|
|||
|
|
@ -25,7 +25,7 @@ abstract class PhabricatorAuthProviderOAuth extends PhabricatorAuthProvider {
|
|||
$adapter->setClientSecret(
|
||||
new PhutilOpaqueEnvelope(
|
||||
$config->getProperty(self::PROPERTY_APP_SECRET)));
|
||||
$adapter->setRedirectURI($this->getLoginURI());
|
||||
$adapter->setRedirectURI(PhabricatorEnv::getURI($this->getLoginURI()));
|
||||
return $adapter;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ abstract class PhabricatorAuthProviderOAuth1 extends PhabricatorAuthProvider {
|
|||
if (strlen($secret)) {
|
||||
$adapter->setConsumerSecret(new PhutilOpaqueEnvelope($secret));
|
||||
}
|
||||
$adapter->setCallbackURI($this->getLoginURI());
|
||||
$adapter->setCallbackURI(PhabricatorEnv::getURI($this->getLoginURI()));
|
||||
return $adapter;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ final class PhabricatorAuthProviderOAuth1JIRA
|
|||
"**Step 1 of 2**: Provide the name and URI for your JIRA install.\n\n".
|
||||
"In the next step, you will configure JIRA.");
|
||||
} else {
|
||||
$login_uri = $this->getLoginURI();
|
||||
$login_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
return pht(
|
||||
"**Step 2 of 2**: In this step, you will configure JIRA.\n\n".
|
||||
"**Create a JIRA Application**: Log into JIRA and go to ".
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ final class PhabricatorAuthProviderOAuth1Twitter
|
|||
}
|
||||
|
||||
public function getConfigurationHelp() {
|
||||
$login_uri = $this->getLoginURI();
|
||||
$login_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
|
||||
return pht(
|
||||
"To configure Twitter OAuth, create a new application here:".
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ final class PhabricatorAuthProviderOAuthAmazon
|
|||
}
|
||||
|
||||
public function getConfigurationHelp() {
|
||||
$login_uri = $this->getLoginURI();
|
||||
$login_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
|
||||
$uri = new PhutilURI(PhabricatorEnv::getProductionURI('/'));
|
||||
$https_note = null;
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ final class PhabricatorAuthProviderOAuthAsana
|
|||
|
||||
public function getConfigurationHelp() {
|
||||
$app_uri = PhabricatorEnv::getProductionURI('/');
|
||||
$login_uri = $this->getLoginURI();
|
||||
$login_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
|
||||
return pht(
|
||||
"To configure Asana OAuth, create a new application here:".
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ final class PhabricatorAuthProviderOAuthDisqus
|
|||
}
|
||||
|
||||
public function getConfigurationHelp() {
|
||||
$login_uri = $this->getLoginURI();
|
||||
$login_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
|
||||
return pht(
|
||||
"To configure Disqus OAuth, create a new application here:".
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ final class PhabricatorAuthProviderOAuthGitHub
|
|||
|
||||
public function getConfigurationHelp() {
|
||||
$uri = PhabricatorEnv::getProductionURI('/');
|
||||
$callback_uri = $this->getLoginURI();
|
||||
$callback_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
|
||||
return pht(
|
||||
"To configure GitHub OAuth, create a new GitHub Application here:".
|
||||
|
|
@ -38,7 +38,7 @@ final class PhabricatorAuthProviderOAuthGitHub
|
|||
|
||||
public function getLoginURI() {
|
||||
// TODO: Clean this up. See PhabricatorAuthOldOAuthRedirectController.
|
||||
return PhabricatorEnv::getURI('/oauth/github/login/');
|
||||
return '/oauth/github/login/';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ final class PhabricatorAuthProviderOAuthGoogle
|
|||
}
|
||||
|
||||
public function getConfigurationHelp() {
|
||||
$login_uri = $this->getLoginURI();
|
||||
$login_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
|
||||
return pht(
|
||||
"To configure Google OAuth, create a new 'API Project' here:".
|
||||
|
|
@ -38,7 +38,7 @@ final class PhabricatorAuthProviderOAuthGoogle
|
|||
|
||||
public function getLoginURI() {
|
||||
// TODO: Clean this up. See PhabricatorAuthOldOAuthRedirectController.
|
||||
return PhabricatorEnv::getURI('/oauth/google/login/');
|
||||
return '/oauth/google/login/';
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -8,7 +8,7 @@ final class PhabricatorAuthProviderOAuthTwitch
|
|||
}
|
||||
|
||||
public function getConfigurationHelp() {
|
||||
$login_uri = $this->getLoginURI();
|
||||
$login_uri = PhabricatorEnv::getURI($this->getLoginURI());
|
||||
|
||||
return pht(
|
||||
"To configure Twitch.tv OAuth, create a new application here:".
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ final class PhabricatorAuthProviderPersona
|
|||
Javelin::initBehavior(
|
||||
'persona-login',
|
||||
array(
|
||||
'loginURI' => $this->getLoginURI(),
|
||||
'loginURI' => PhabricatorEnv::getURI($this->getLoginURI()),
|
||||
));
|
||||
|
||||
return $this->renderStandardLoginButton(
|
||||
|
|
|
|||
Loading…
Reference in a new issue