mirror of
https://we.phorge.it/source/phorge.git
synced 2024-09-22 02:08:47 +02:00
7081923bd7
Summary: The Graph API exposes a new field, security_settings, which allows applications to see whether a user has enabled Secure Browsing. This diff adds a configuration setting to Phabricator which forces users to have Secure Browsing enabled when logging in via Facebook. Test Plan: With the configuration setting off, verify that secure browsing does not affect the ability to log in. With the configuration setting on and secure browsing off, verify that the login attempts is rejected. Then verify that the login attempt succeeds when secure browsing is enabled. Reviewers: epriestley Reviewed By: epriestley CC: arice, aran, Korvin Maniphest Tasks: T1487 Differential Revision: https://secure.phabricator.com/D2964
104 lines
3.1 KiB
PHP
104 lines
3.1 KiB
PHP
<?php
|
|
|
|
/*
|
|
* Copyright 2012 Facebook, Inc.
|
|
*
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
* you may not use this file except in compliance with the License.
|
|
* You may obtain a copy of the License at
|
|
*
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
*
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
* See the License for the specific language governing permissions and
|
|
* limitations under the License.
|
|
*/
|
|
|
|
final class PhabricatorOAuthFailureView extends AphrontView {
|
|
|
|
private $request;
|
|
private $provider;
|
|
private $exception;
|
|
|
|
public function setRequest(AphrontRequest $request) {
|
|
$this->request = $request;
|
|
return $this;
|
|
}
|
|
|
|
public function setOAuthProvider($provider) {
|
|
$this->provider = $provider;
|
|
return $this;
|
|
}
|
|
|
|
public function setException(Exception $e) {
|
|
$this->exception = $e;
|
|
return $this;
|
|
}
|
|
|
|
public function render() {
|
|
$request = $this->request;
|
|
$provider = $this->provider;
|
|
$provider_name = $provider->getProviderName();
|
|
|
|
$diagnose = null;
|
|
|
|
$view = new AphrontRequestFailureView();
|
|
$view->setHeader($provider_name.' Auth Failed');
|
|
if ($this->request) {
|
|
$view->appendChild(
|
|
hsprintf(
|
|
'<p><strong>Description:</strong> %s</p>',
|
|
$request->getStr('error_description')));
|
|
$view->appendChild(
|
|
hsprintf(
|
|
'<p><strong>Error:</strong> %s</p>',
|
|
$request->getStr('error')));
|
|
$view->appendChild(
|
|
hsprintf(
|
|
'<p><strong>Error Reason:</strong> %s</p>',
|
|
$request->getStr('error_reason')));
|
|
} else if ($this->exception) {
|
|
$view->appendChild(
|
|
hsprintf(
|
|
'<p><strong>Error Details:</strong> %s</p>',
|
|
$this->exception->getMessage()));
|
|
} else {
|
|
// TODO: We can probably refine this.
|
|
$view->appendChild(
|
|
hsprintf(
|
|
'<p>Unable to authenticate with %s. '.
|
|
'There are several reasons this might happen:</p>'.
|
|
'<ul>'.
|
|
'<li>Phabricator may be configured with the wrong Application '.
|
|
'Secret; or</li>'.
|
|
'<li>the %s OAuth access token may have expired; or</li>'.
|
|
'<li>%s may have revoked authorization for the Application; '.
|
|
'or</li>'.
|
|
'<li>%s may be having technical problems.</li>'.
|
|
'</ul>'.
|
|
'<p>You can try again, or login using another method.</p>',
|
|
$provider_name,
|
|
$provider_name,
|
|
$provider_name,
|
|
$provider_name));
|
|
|
|
$provider_key = $provider->getProviderKey();
|
|
$diagnose = hsprintf(
|
|
'<a href="/oauth/'.$provider_key.'/diagnose/" class="button green">'.
|
|
'Diagnose %s OAuth Problems'.
|
|
'</a>',
|
|
$provider_name);
|
|
}
|
|
|
|
$view->appendChild(
|
|
'<div class="aphront-failure-continue">'.
|
|
$diagnose.
|
|
'<a href="/login/" class="button">Continue</a>'.
|
|
'</div>');
|
|
|
|
return $view->render();
|
|
}
|
|
|
|
}
|