lee/OliveTin
1
0
Fork 0
mirror of https://github.com/OliveTin/OliveTin synced 2025-12-20 04:55:32 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

bugfix: Crash in OAuth2 userdata, and option to log user data (#631)

Browse Source
This commit is contained in:
James Read
2025-07-28 22:46:08 +01:00
committed by GitHub
parent 81ef166d78
commit 2d4a3fc048
2 changed files with 15 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
service/internal/config/config.go
View File

@@ -138,6 +138,7 @@ type Config struct {
CronSupportForSeconds bool CronSupportForSeconds bool
SectionNavigationStyle string SectionNavigationStyle string
DefaultPopupOnStart string DefaultPopupOnStart string
InsecureAllowDumpOAuth2UserData bool
InsecureAllowDumpVars bool InsecureAllowDumpVars bool
InsecureAllowDumpSos bool InsecureAllowDumpSos bool
InsecureAllowDumpActionMap bool InsecureAllowDumpActionMap bool

17
service/internal/httpservers/restapi_auth_oauth2.go
View File

@@ -250,7 +250,7 @@ func handleOAuthCallback(w http.ResponseWriter, r *http.Request) {
Timeout: clientSettings.Timeout, Timeout: clientSettings.Timeout,
} }
userinfo := getUserInfo(userInfoClient, cfg.AuthOAuth2Providers[registeredState.providerName]) userinfo := getUserInfo(cfg, userInfoClient, cfg.AuthOAuth2Providers[registeredState.providerName])
registeredStates[state].Username = userinfo.Username registeredStates[state].Username = userinfo.Username
registeredStates[state].Usergroup = userinfo.Usergroup registeredStates[state].Usergroup = userinfo.Usergroup
@@ -274,7 +274,7 @@ type UserInfo struct {
} }
//gocyclo:ignore //gocyclo:ignore
func getUserInfo(client *http.Client, provider *config.OAuth2Provider) *UserInfo { func getUserInfo(cfg *config.Config, client *http.Client, provider *config.OAuth2Provider) *UserInfo {
ret := &UserInfo{} ret := &UserInfo{}
res, err := client.Get(provider.WhoamiUrl) res, err := client.Get(provider.WhoamiUrl)
@@ -300,6 +300,10 @@ func getUserInfo(client *http.Client, provider *config.OAuth2Provider) *UserInfo
var userData map[string]any var userData map[string]any
if cfg.InsecureAllowDumpOAuth2UserData {
log.Debugf("OAuth2 User Data: %v+", string(contents))
}
err = json.Unmarshal([]byte(contents), &userData) err = json.Unmarshal([]byte(contents), &userData)
if err != nil { if err != nil {
@@ -327,7 +331,14 @@ func getDataField(data map[string]any, field string) string {
return "" return ""
} }
return val.(string) stringVal, ok := val.(string)
if !ok {
log.Errorf("Field %v is not a string: %v", field, val)
return ""
}
return stringVal
} }
func parseOAuth2Cookie(r *http.Request) (string, string, string) { func parseOAuth2Cookie(r *http.Request) (string, string, string) {