IntenseWebs/grafana
3
0
Fork 0
mirror of https://github.com/grafana/grafana.git synced 2024-12-30 10:47:30 -06:00
Code Issues Packages Projects Releases Wiki Activity

OAuth: Redirect to login if no oauth module is found or if module is not configured (#50661)

Browse Source 
* OAuth: Redirect to login if no oauth module is found or if module is not
configured

* OAuth: Update test to check for location header
This commit is contained in:
Karl Persson 2022-06-13 16:59:15 +02:00 committed by GitHub
parent 6aa29e1b84
commit 95a4c4a4d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
pkg/api/login_oauth.go
View File

@ -75,19 +75,13 @@ func (hs *HTTPServer) OAuthLogin(ctx *models.ReqContext) {
loginInfo.AuthModule = name loginInfo.AuthModule = name
provider := hs.SocialService.GetOAuthInfoProvider(name) provider := hs.SocialService.GetOAuthInfoProvider(name)
if provider == nil { if provider == nil {
hs.handleOAuthLoginError(ctx, loginInfo, LoginError{ hs.handleOAuthLoginErrorWithRedirect(ctx, loginInfo, errors.New("OAuth not enabled"))
HttpStatus: http.StatusNotFound,
PublicMessage: "OAuth not enabled",
})
return return
} }
connect, err := hs.SocialService.GetConnector(name) connect, err := hs.SocialService.GetConnector(name)
if err != nil { if err != nil {
hs.handleOAuthLoginError(ctx, loginInfo, LoginError{ hs.handleOAuthLoginErrorWithRedirect(ctx, loginInfo, fmt.Errorf("no OAuth with name %s configured", name))
HttpStatus: http.StatusNotFound,
PublicMessage: fmt.Sprintf("No OAuth with name %s configured", name),
})
return return
} }

19
pkg/api/login_oauth_test.go
View File

@ -9,6 +9,8 @@ import (
"path/filepath" "path/filepath"
"testing" "testing"
"github.com/grafana/grafana/pkg/services/secrets/fakes"
"github.com/stretchr/testify/assert" "github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require" "github.com/stretchr/testify/require"
@ -31,11 +33,12 @@ func setupOAuthTest(t *testing.T, cfg *setting.Cfg) *web.Mux {
sqlStore := sqlstore.InitTestDB(t) sqlStore := sqlstore.InitTestDB(t)
hs := &HTTPServer{ hs := &HTTPServer{
Cfg: cfg, Cfg: cfg,
License: &licensing.OSSLicensingService{Cfg: cfg}, License: &licensing.OSSLicensingService{Cfg: cfg},
SQLStore: sqlStore, SQLStore: sqlStore,
SocialService: social.ProvideService(cfg), SocialService: social.ProvideService(cfg),
HooksService: hooks.ProvideService(), HooksService: hooks.ProvideService(),
SecretsService: fakes.NewFakeSecretsService(),
} }
m := web.New() m := web.New()
@ -55,9 +58,9 @@ func TestOAuthLogin_UnknownProvider(t *testing.T) {
recorder := httptest.NewRecorder() recorder := httptest.NewRecorder()
m.ServeHTTP(recorder, req) m.ServeHTTP(recorder, req)
// expect to be redirected to /login
assert.Equal(t, http.StatusNotFound, recorder.Code) assert.Equal(t, http.StatusFound, recorder.Code)
assert.Contains(t, recorder.Body.String(), "OAuth not enabled") assert.Equal(t, "/login", recorder.Header().Get("Location"))
} }
func TestOAuthLogin_Base(t *testing.T) { func TestOAuthLogin_Base(t *testing.T) {