DEV: Update DiscourseConnect nonce errors to be more descriptive (#14858)
parent
769d53ff09
commit
5ac10e2e79
@ -50,8 +50,10 @@ class DiscourseSingleSignOn < SingleSignOn
|
||||
def nonce_error
|
||||
if Discourse.cache.read(used_nonce_key).present?
|
||||
"Nonce has already been used"
|
||||
elsif SiteSetting.discourse_connect_csrf_protection
|
||||
"Nonce is incorrect, was generated in a different browser session, or has expired"
|
||||
else
|
||||
"Nonce has expired"
|
||||
"Nonce is incorrect, or has expired"
|
||||
end
|
||||
end
|
||||
|
||||
|
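Review bot: `nonce_error` now chooses between three messages but has no comment saying why the wording depends on `SiteSetting.discourse_connect_csrf_protection`; a line above `def nonce_error` would help, e.g. `# Reason reported when the nonce check fails; with CSRF protection on, a nonce from another browser session cannot be told apart from an expired one.` That reading is inferred from the message text, so confirm it against how the nonce is stored. The strings also tell the reader whether a nonce was replayed or simply unknown, and the hunk does not show where the result is surfaced, so it is worth checking that this level of detail is intended for whoever sees it (log entry versus login response). The enclosing class continues outside the hunk.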
@ -544,7 +544,18 @@ describe DiscourseSingleSignOn do
|
||||
expect(sso.nonce_valid?).to eq true
|
||||
|
||||
Discourse.cache.delete(sso.used_nonce_key)
|
||||
expect(sso.nonce_error).to eq("Nonce has expired")
|
||||
expect(sso.nonce_error).to eq("Nonce is incorrect, was generated in a different browser session, or has expired")
|
||||
end
|
||||
|
||||
it "generates correct error message when nonce is expired, and csrf protection disabled" do
|
||||
SiteSetting.discourse_connect_csrf_protection = false
|
||||
_ , payload = DiscourseSingleSignOn.generate_url(secure_session: secure_session).split("?")
|
||||
|
||||
sso = DiscourseSingleSignOn.parse(payload, secure_session: secure_session)
|
||||
expect(sso.nonce_valid?).to eq true
|
||||
|
||||
Discourse.cache.delete(sso.used_nonce_key)
|
||||
expect(sso.nonce_error).to eq("Nonce is incorrect, or has expired")
|
||||
end
|
||||
end
|
||||
|
||||
|
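Review bot: The first example, whose `it` line is above the hunk, now expects the CSRF-specific message but in the visible lines relies on `discourse_connect_csrf_protection` being enabled by default. If it is not set earlier in that example, add `SiteSetting.discourse_connect_csrf_protection = true` so the expectation keeps its meaning should the default change. Both visible examples call `Discourse.cache.delete(sso.used_nonce_key)` before asserting, so neither exercises the "Nonce has already been used" branch; that may be covered elsewhere in the file.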