mirror of
https://github.com/grafana/grafana.git
synced 2024-12-30 10:47:30 -06:00
OAuth: Redirect to login if no oauth module is found or if module is not configured (#50661)
* OAuth: Redirect to login if no oauth module is found or if module is not configured * OAuth: Update test to check for location header
This commit is contained in:
parent
6aa29e1b84
commit
95a4c4a4d6
@ -75,19 +75,13 @@ func (hs *HTTPServer) OAuthLogin(ctx *models.ReqContext) {
|
||||
loginInfo.AuthModule = name
|
||||
provider := hs.SocialService.GetOAuthInfoProvider(name)
|
||||
if provider == nil {
|
||||
hs.handleOAuthLoginError(ctx, loginInfo, LoginError{
|
||||
HttpStatus: http.StatusNotFound,
|
||||
PublicMessage: "OAuth not enabled",
|
||||
})
|
||||
hs.handleOAuthLoginErrorWithRedirect(ctx, loginInfo, errors.New("OAuth not enabled"))
|
||||
return
|
||||
}
|
||||
|
||||
connect, err := hs.SocialService.GetConnector(name)
|
||||
if err != nil {
|
||||
hs.handleOAuthLoginError(ctx, loginInfo, LoginError{
|
||||
HttpStatus: http.StatusNotFound,
|
||||
PublicMessage: fmt.Sprintf("No OAuth with name %s configured", name),
|
||||
})
|
||||
hs.handleOAuthLoginErrorWithRedirect(ctx, loginInfo, fmt.Errorf("no OAuth with name %s configured", name))
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -9,6 +9,8 @@ import (
|
||||
"path/filepath"
|
||||
"testing"
|
||||
|
||||
"github.com/grafana/grafana/pkg/services/secrets/fakes"
|
||||
|
||||
"github.com/stretchr/testify/assert"
|
||||
"github.com/stretchr/testify/require"
|
||||
|
||||
@ -36,6 +38,7 @@ func setupOAuthTest(t *testing.T, cfg *setting.Cfg) *web.Mux {
|
||||
SQLStore: sqlStore,
|
||||
SocialService: social.ProvideService(cfg),
|
||||
HooksService: hooks.ProvideService(),
|
||||
SecretsService: fakes.NewFakeSecretsService(),
|
||||
}
|
||||
|
||||
m := web.New()
|
||||
@ -55,9 +58,9 @@ func TestOAuthLogin_UnknownProvider(t *testing.T) {
|
||||
recorder := httptest.NewRecorder()
|
||||
|
||||
m.ServeHTTP(recorder, req)
|
||||
|
||||
assert.Equal(t, http.StatusNotFound, recorder.Code)
|
||||
assert.Contains(t, recorder.Body.String(), "OAuth not enabled")
|
||||
// expect to be redirected to /login
|
||||
assert.Equal(t, http.StatusFound, recorder.Code)
|
||||
assert.Equal(t, "/login", recorder.Header().Get("Location"))
|
||||
}
|
||||
|
||||
func TestOAuthLogin_Base(t *testing.T) {
|
||||
|
Loading…
Reference in New Issue
Block a user