github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-30 23:58:26 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Return 422 instead of 500 for invalid SSO signature (#6738)

Browse Source
This commit is contained in:
David Taylor
2018-12-07 15:01:44 +00:00
committed by GitHub
parent 6c71395bf6
commit f7ce607e5d
5 changed files with 53 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/single_sign_on.rb
View File

@ -1,5 +1,7 @@
class SingleSignOn
class ParseError < RuntimeError; end
ACCESSORS = %i{
add_groups
admin moderator
@ -61,9 +63,9 @@ class SingleSignOn
if sso.sign(parsed["sso"]) != parsed["sig"]
diags = "\n\nsso: #{parsed["sso"]}\n\nsig: #{parsed["sig"]}\n\nexpected sig: #{sso.sign(parsed["sso"])}"
if parsed["sso"] =~ /[^a-zA-Z0-9=\r\n\/+]/m
raise RuntimeError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
raise ParseError, "The SSO field should be Base64 encoded, using only A-Z, a-z, 0-9, +, /, and = characters. Your input contains characters we don't understand as Base64, see http://en.wikipedia.org/wiki/Base64 #{diags}"
else
raise RuntimeError, "Bad signature for payload #{diags}"
raise ParseError, "Bad signature for payload #{diags}"
end
end