github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-30 15:28:37 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FEATURE: allow for overlapping DiscourseConnect secrets per domain (#16915)

Browse Source 
Previously we limited Discourse Connect provider to 1 secret per domain.

This made it pretty awkward to cycle secrets in environments where config
takes time to propagate

This change allows for the same domain to have multiple secrets

Also fixes internal implementation on DiscourseConnectProvider which was
not thread safe as it leaned on class variables to ferry data around

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
Co-authored-by: David Taylor <david@taylorhq.com>
This commit is contained in:
Sam
2022-05-31 15:24:04 +10:00
committed by GitHub
parent 30bd1dcefd
commit 020c77440e
4 changed files with 71 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/session_controller.rb
View File

@ -79,7 +79,7 @@ class SessionController < ApplicationController
end
rescue DiscourseConnectProvider::BlankSecret
render plain: I18n.t("discourse_connect.missing_secret"), status: 400
rescue DiscourseConnectProvider::ParseError => e
rescue DiscourseConnectProvider::ParseError
# Do NOT pass the error text to the client, it would give them the correct signature
render plain: I18n.t("discourse_connect.login_error"), status: 422
rescue DiscourseConnectProvider::BlankReturnUrl