pkg/api: Check errors (#19657)

* pkg/api: Check errors * pkg/api: Remove unused function HashEmail
2025-02-25 18:55:37 -06:00 · 2019-10-08 18:57:53 +02:00
parent dabc848e11
commit 0a2d5e16dd
12 changed files with 86 additions and 45 deletions
--- a/pkg/api/login_oauth.go
+++ b/pkg/api/login_oauth.go
@@ -29,10 +29,13 @@ var (
 	OauthStateCookieName = "oauth_state"
 )

-func GenStateString() string {
+func GenStateString() (string, error) {
 	rnd := make([]byte, 32)
-	rand.Read(rnd)
-	return base64.URLEncoding.EncodeToString(rnd)
+	if _, err := rand.Read(rnd); err != nil {
+		oauthLogger.Error("failed to generate state string", "err", err)
+		return "", err
+	}
+	return base64.URLEncoding.EncodeToString(rnd), nil
 }

 func (hs *HTTPServer) OAuthLogin(ctx *m.ReqContext) {
@@ -58,7 +61,13 @@ func (hs *HTTPServer) OAuthLogin(ctx *m.ReqContext) {

 	code := ctx.Query("code")
 	if code == "" {
-		state := GenStateString()
+		state, err := GenStateString()
+		if err != nil {
+			ctx.Logger.Error("Generating state string failed", "err", err)
+			ctx.Handle(500, "An internal error occurred", nil)
+			return
+		}
+
 		hashedState := hashStatecode(state, setting.OAuthService.OAuthInfos[name].ClientSecret)
 		hs.writeCookie(ctx.Resp, OauthStateCookieName, hashedState, 60, hs.Cfg.CookieSameSite)
 		if setting.OAuthService.OAuthInfos[name].HostedDomain == "" {
@@ -239,7 +248,9 @@ func hashStatecode(code, seed string) string {

 func (hs *HTTPServer) redirectWithError(ctx *m.ReqContext, err error, v ...interface{}) {
 	ctx.Logger.Error(err.Error(), v...)
-	hs.trySetEncryptedCookie(ctx, LoginErrorCookieName, err.Error(), 60)
+	if err := hs.trySetEncryptedCookie(ctx, LoginErrorCookieName, err.Error(), 60); err != nil {
+		oauthLogger.Error("Failed to set encrypted cookie", "err", err)
+	}

 	ctx.Redirect(setting.AppSubUrl + "/login")
 }