[MM-41263] Fix stackoverflow error in saml login (#19423)

Automatic Merge
Shota Gvinepadze
2022-01-31 17:34:18 +04:00
committed by GitHub
parent 7988810fc0
commit c554bbd977
2 changed files with 13 additions and 0 deletions


@@ -3823,6 +3823,10 @@
"id": "api.user.authorize_oauth_user.response.app_error",
"translation": "Received invalid response from OAuth service provider."
},
{
"id": "api.user.authorize_oauth_user.saml_response_too_long.app_error",
"translation": "SAML response is too long"
},
{
"id": "api.user.authorize_oauth_user.service.app_error",
"translation": "Token request to {{.Service}} failed."


@@ -16,6 +16,8 @@ import (
"github.com/mattermost/mattermost-server/v6/utils"
)
const maxSAMLResponseSize = 2 * 1024 * 1024 // 2MB
func (w *Web) InitSaml() {
w.MainRouter.Handle("/login/sso/saml", w.APIHandler(loginWithSaml)).Methods("GET")
w.MainRouter.Handle("/login/sso/saml", w.APIHandlerTrustRequester(completeSaml)).Methods("POST")
@@ -122,6 +124,13 @@ func completeSaml(c *Context, w http.ResponseWriter, r *http.Request) {
}
}
if len(encodedXML) > maxSAMLResponseSize {
err := model.NewAppError("completeSaml", "api.user.authorize_oauth_user.saml_response_too_long.app_error", nil, "SAML response is too long", http.StatusBadRequest)
mlog.Error(err.Error())
handleError(err)
return
}
user, err := samlInterface.DoLogin(c.AppContext, encodedXML, relayProps)
if err != nil {
c.LogAudit("fail")
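Review bot: The new oversize branch logs with `mlog.Error(err.Error())` but does not call `c.LogAudit("fail")`, which the existing failure path directly below it (the `DoLogin` error branch) does, so a rejected oversized SAML response leaves no audit trail and the two rejection paths are handled inconsistently; I would add `c.LogAudit("fail")` before `handleError(err)` in the new block. The bare `mlog.Error(err.Error())` also drops the structured context the error carries; if the surrounding handler has a logger or error-logging convention, using it here would keep the log searchable. In the first hunk, `maxSAMLResponseSize` carries only `// 2MB`; since the limit exists to keep the XML parser from recursing on a huge assertion (the stack overflow this commit fixes), a doc comment saying so would stop a later maintainer from "relaxing" it as an arbitrary size, e.g. `// maxSAMLResponseSize caps the base64-encoded SAMLResponse accepted by completeSaml before it is decoded and parsed; larger payloads are rejected up front to bound parser work.` Note the check measures the still-encoded form value, so the decoded XML is somewhat smaller than the cap, which the comment could state. completeSaml starts before the hunk and continues after it, so how `handleError` and `encodedXML` are set up is not visible here.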