revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
Code Issues Releases Wiki Activity

Don't actually construct auth providers when checking for their existence

Browse source 
Summary:
A user reported this stack trace:

http://pastebin.com/6auGbZsE

...on this GitHub issue:

https://github.com/facebook/phabricator/issues/389#issuecomment-36612511

The problem is similar to the original report, but not identical. In this case, we're following a sequence of steps like:

  - Run setup checks.
    - Check for enabled providers, in order to raise "no providers configured yet" warning.
      - Try to generate login/redirect URIs.
  - Build the request.
  - Set the default base URI.
  - Run normal code.

Since we try to generate URIs before we provide a default, this fatals. Instead, don't try to build objects.

An alternative fix might be to try to set defaults earlier, but we depend on some config and on building the Request in order to be able to figure out if a request is HTTP or HTTPS right now. We could assume one, or guess, or use protocol-relative URIs (`///host.com`), but I think this fix is a little cleaner overall. If we keep hitting similar stuff, we could look into alternate fixes.

We could also set some kind of "setup mode" flag and make `getURI()` if it's called during setup mode to detect these during testing. I'd like to hit one more of these before doing that, though.

Test Plan: Reproduced the issue, applied the patch, verified this fixes it.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D8395
This commit is contained in:
epriestley 2014-03-04 16:11:28 -08:00
parent eec9507ba7
commit cdeea11fd3
1 changed files with 16 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
src/applications/config/check/PhabricatorSetupCheckAuth.php
View file

@ -3,8 +3,22 @@
final class PhabricatorSetupCheckAuth extends PhabricatorSetupCheck {
protected function executeChecks() {
$providers = PhabricatorAuthProvider::getAllEnabledProviders();
if (!$providers) {
// NOTE: We're not actually building these providers. Building providers
// can require additional configuration to be present (e.g., to build
// redirect and login URIs using `phabricator.base-uri`) and it won't
// necessarily be available when running setup checks.
// Since this check is only meant as a hint to new administrators about
// steps they should take, we don't need to be thorough about checking
// that providers are enabled, available, correctly configured, etc. As
// long as they've created some kind of provider in the auth app before,
// they know that it exists and don't need the hint to go check it out.
$configs = id(new PhabricatorAuthProviderConfigQuery())
->setViewer(PhabricatorUser::getOmnipotentUser())
->execute();
if (!$configs) {
$message = pht(
'You have not configured any authentication providers yet. You '.
'should add a provider (like username/password, LDAP, or GitHub '.