OAuth: Redirect to login if no oauth module is found or if module is not configured (#50661)

* OAuth: Redirect to login if no oauth module is found or if module is not configured * OAuth: Update test to check for location header
2024-12-28 18:01:40 -06:00 · 2022-06-13 16:59:15 +02:00 · 2022-06-13 16:59:15 +02:00 · 95a4c4a4d6
commit 95a4c4a4d6
parent 6aa29e1b84
2 changed files with 13 additions and 16 deletions
--- a/pkg/api/login_oauth.go
+++ b/pkg/api/login_oauth.go
@ -75,19 +75,13 @@ func (hs *HTTPServer) OAuthLogin(ctx *models.ReqContext) {
 	loginInfo.AuthModule = name
 	provider := hs.SocialService.GetOAuthInfoProvider(name)
 	if provider == nil {
-		hs.handleOAuthLoginError(ctx, loginInfo, LoginError{
-			HttpStatus:    http.StatusNotFound,
-			PublicMessage: "OAuth not enabled",
-		})
+		hs.handleOAuthLoginErrorWithRedirect(ctx, loginInfo, errors.New("OAuth not enabled"))
 		return
 	}

 	connect, err := hs.SocialService.GetConnector(name)
 	if err != nil {
-		hs.handleOAuthLoginError(ctx, loginInfo, LoginError{
-			HttpStatus:    http.StatusNotFound,
-			PublicMessage: fmt.Sprintf("No OAuth with name %s configured", name),
-		})
+		hs.handleOAuthLoginErrorWithRedirect(ctx, loginInfo, fmt.Errorf("no OAuth with name %s configured", name))
 		return
 	}

--- a/pkg/api/login_oauth_test.go
+++ b/pkg/api/login_oauth_test.go
@ -9,6 +9,8 @@ import (
 	"path/filepath"
 	"testing"

+	"github.com/grafana/grafana/pkg/services/secrets/fakes"
+
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"

@ -31,11 +33,12 @@ func setupOAuthTest(t *testing.T, cfg *setting.Cfg) *web.Mux {
 	sqlStore := sqlstore.InitTestDB(t)

 	hs := &HTTPServer{
-		Cfg:           cfg,
-		License:       &licensing.OSSLicensingService{Cfg: cfg},
-		SQLStore:      sqlStore,
-		SocialService: social.ProvideService(cfg),
-		HooksService:  hooks.ProvideService(),
+		Cfg:            cfg,
+		License:        &licensing.OSSLicensingService{Cfg: cfg},
+		SQLStore:       sqlStore,
+		SocialService:  social.ProvideService(cfg),
+		HooksService:   hooks.ProvideService(),
+		SecretsService: fakes.NewFakeSecretsService(),
 	}

 	m := web.New()
@ -55,9 +58,9 @@ func TestOAuthLogin_UnknownProvider(t *testing.T) {
 	recorder := httptest.NewRecorder()

 	m.ServeHTTP(recorder, req)
-
-	assert.Equal(t, http.StatusNotFound, recorder.Code)
-	assert.Contains(t, recorder.Body.String(), "OAuth not enabled")
+	// expect to be redirected to /login
+	assert.Equal(t, http.StatusFound, recorder.Code)
+	assert.Equal(t, "/login", recorder.Header().Get("Location"))
 }

 func TestOAuthLogin_Base(t *testing.T) {