FIX: Better error when SSO fails due to blank secret (#7946)

* FIX: Better error when SSO fails due to blank secret

* Update spec/requests/session_controller_spec.rb

Co-Authored-By: Robin Ward <robin.ward@gmail.com>
Osama Sayegh
2019-07-26 17:37:23 +03:00
committed by GitHub
parent fe7f0982af
commit 525920a979
4 changed files with 23 additions and 1 deletions

@ -49,7 +49,12 @@ class SessionController < ApplicationController
payload ||= request.query_string
if SiteSetting.enable_sso_provider
sso = SingleSignOnProvider.parse(payload)
begin
sso = SingleSignOnProvider.parse(payload)
rescue SingleSignOnProvider::BlankSecret
render plain: I18n.t("sso.missing_secret"), status: 400
return
end
if sso.return_sso_url.blank?
render plain: "return_sso_url is blank, it must be provided", status: 400
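Review bot: The `rescue SingleSignOnProvider::BlankSecret` branch answers with `status: 400` and returns without logging anything, yet a blank secret is a configuration fault on the provider side rather than a malformed client request. Since the plain-text response to the caller is the only signal, consider emitting a warning to the server log in this branch so an operator notices the misconfiguration, and consider whether a 5xx status describes the condition better than 400. The text behind `I18n.t("sso.missing_secret")` is shown to whoever sends the request, so it should stay generic and not identify which secret or which site is affected. Style point: the new message goes through I18n while the neighbouring `"return_sso_url is blank, it must be provided"` response remains a hard-coded English string; moving that one to a locale key as well would keep the two error paths consistent.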