fix(model): potential panic (#3538)
This fixes a potential panic in the conversion from a fosite.Requester to an *OAuth2Session object.
pull/3539/head^2
parent
25b5c1ee2e
commit
d9c7cd6564
|
@ -44,6 +44,8 @@ func OpenIDConnectTokenPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ctx.Logger.Tracef("Access Request with id '%s' on client with id '%s' response is being generated for session with type '%T'", requester.GetID(), client.GetID(), requester.GetSession())
|
||||||
|
|
||||||
if responder, err = ctx.Providers.OpenIDConnect.Fosite.NewAccessResponse(ctx, requester); err != nil {
|
if responder, err = ctx.Providers.OpenIDConnect.Fosite.NewAccessResponse(ctx, requester); err != nil {
|
||||||
rfc := fosite.ErrorToRFC6749Error(err)
|
rfc := fosite.ErrorToRFC6749Error(err)
|
||||||
|
|
||||||
|
|
|
@ -4,7 +4,6 @@ import (
|
||||||
"context"
|
"context"
|
||||||
"crypto/sha256"
|
"crypto/sha256"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"errors"
|
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/url"
|
"net/url"
|
||||||
"time"
|
"time"
|
||||||
|
@ -40,23 +39,27 @@ func NewOAuth2ConsentSession(subject NullUUID, r fosite.Requester) (consent *OAu
|
||||||
func NewOAuth2SessionFromRequest(signature string, r fosite.Requester) (session *OAuth2Session, err error) {
|
func NewOAuth2SessionFromRequest(signature string, r fosite.Requester) (session *OAuth2Session, err error) {
|
||||||
var (
|
var (
|
||||||
subject string
|
subject string
|
||||||
openidSession *OpenIDSession
|
sessionOpenID *OpenIDSession
|
||||||
sessData []byte
|
sessionData []byte
|
||||||
)
|
)
|
||||||
|
|
||||||
openidSession = r.GetSession().(*OpenIDSession)
|
s := r.GetSession()
|
||||||
if openidSession == nil {
|
|
||||||
return nil, errors.New("unexpected session type")
|
switch t := s.(type) {
|
||||||
|
case *OpenIDSession:
|
||||||
|
sessionOpenID = t
|
||||||
|
default:
|
||||||
|
return nil, fmt.Errorf("can't convert type '%T' to an *OAuth2Session", s)
|
||||||
}
|
}
|
||||||
|
|
||||||
subject = openidSession.GetSubject()
|
subject = sessionOpenID.GetSubject()
|
||||||
|
|
||||||
if sessData, err = json.Marshal(openidSession); err != nil {
|
if sessionData, err = json.Marshal(sessionOpenID); err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
return &OAuth2Session{
|
return &OAuth2Session{
|
||||||
ChallengeID: openidSession.ChallengeID,
|
ChallengeID: sessionOpenID.ChallengeID,
|
||||||
RequestID: r.GetID(),
|
RequestID: r.GetID(),
|
||||||
ClientID: r.GetClient().GetID(),
|
ClientID: r.GetClient().GetID(),
|
||||||
Signature: signature,
|
Signature: signature,
|
||||||
|
@ -69,7 +72,7 @@ func NewOAuth2SessionFromRequest(signature string, r fosite.Requester) (session
|
||||||
Active: true,
|
Active: true,
|
||||||
Revoked: false,
|
Revoked: false,
|
||||||
Form: r.GetRequestForm().Encode(),
|
Form: r.GetRequestForm().Encode(),
|
||||||
Session: sessData,
|
Session: sessionData,
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
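Review bot: The `case *OpenIDSession:` arm in NewOAuth2SessionFromRequest also matches a typed-nil pointer, and this change drops the `== nil` check the old code had, so `sessionOpenID.ChallengeID` in the returned struct literal would still dereference nil for such a session. Whether any caller can actually hand in a nil *OpenIDSession is not visible from these hunks, but the function is presumably reached while handling client requests, where a panic is an availability problem worth closing off completely. I would guard the arm with `if t == nil { return nil, fmt.Errorf("can't convert nil '%T' to an *OAuth2Session", s) }` before `sessionOpenID = t`, and add a table test covering a foreign session type, a nil interface and a typed-nil pointer.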