Gracefully handle SSL verification failure

theworldbright 2015-10-23 18:29:26 -07:00
parent 0fbcb71255
commit 8f5094c29e


@ -4,7 +4,12 @@ module Api
rescue_from Rack::OAuth2::Server::Authorize::BadRequest do |e| rescue_from Rack::OAuth2::Server::Authorize::BadRequest do |e|
logger.info e.backtrace[0, 10].join("\n") logger.info e.backtrace[0, 10].join("\n")
error, description = e.message.split(" :: ") error, description = e.message.split(" :: ")
handle_prompt_params_error(error, description) handle_params_error(error, description)
end
rescue_from OpenSSL::SSL::SSLError do |e|
logger.info e.backtrace[0, 10].join("\n")
handle_params_error("ssl_error", e.message)
end end
before_action :auth_user_unless_prompt_none! before_action :auth_user_unless_prompt_none!
@ -49,7 +54,7 @@ module Api
def handle_prompt(prompt, auth) def handle_prompt(prompt, auth)
if prompt.include? "select_account" if prompt.include? "select_account"
handle_prompt_params_error("account_selection_required", handle_params_error("account_selection_required",
"There is no support for choosing among multiple accounts") "There is no support for choosing among multiple accounts")
elsif prompt.include? "none" elsif prompt.include? "none"
handle_prompt_none(prompt, auth) handle_prompt_none(prompt, auth)
@ -105,11 +110,11 @@ module Api
if auth if auth
process_authorization_consent("true") process_authorization_consent("true")
else else
handle_prompt_params_error("interaction_required", handle_params_error("interaction_required",
"The Authentication Request cannot be completed without end-user interaction") "The Authentication Request cannot be completed without end-user interaction")
end end
else else
handle_prompt_params_error("invalid_request", handle_params_error("invalid_request",
"The 'none' value cannot be used with any other prompt value") "The 'none' value cannot be used with any other prompt value")
end end
end end
@ -190,7 +195,7 @@ module Api
end end
end end
def handle_prompt_params_error(error, error_description) def handle_params_error(error, error_description)
if params[:client_id] && params[:redirect_uri] if params[:client_id] && params[:redirect_uri]
app = Api::OpenidConnect::OAuthApplication.find_by(client_id: params[:client_id]) app = Api::OpenidConnect::OAuthApplication.find_by(client_id: params[:client_id])
if app && app.redirect_uris.include?(params[:redirect_uri]) if app && app.redirect_uris.include?(params[:redirect_uri])
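Review bot: In the first hunk the new `rescue_from OpenSSL::SSL::SSLError` handler passes `e.message` straight to `handle_params_error`, and the visible start of that method suggests the description is sent on to the client's registered `redirect_uri`, so raw OpenSSL text describing the failed verification would leave the server. `ssl_error` is also not an error code defined by OAuth 2.0 or OpenID Connect Core, so relying parties have no defined way to react to it. Consider keeping the detail in the log and returning a fixed description under a registered code: `logger.warn "SSL verification failed: #{e.message}"` followed by `handle_params_error("server_error", "A required resource could not be retrieved over a verified TLS connection")`, or `invalid_request_uri` if the failure comes from fetching a client-supplied URI. The handler is controller-wide, so it will also catch an SSLError raised by any other action; a short comment naming the call it is meant for would help. The body of `handle_params_error` continues outside the last hunk, so the redirect behaviour is inferred from its first lines.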