FIX: Handle SSO Provider Parse exception
Prevent unnecessary 500 errors from appearing in the logs and return a 422 response instead.
This commit is contained in:
parent
904bbdb307
commit
965ac3567b
|
@ -47,6 +47,14 @@ class SessionController < ApplicationController
|
|||
rescue SingleSignOnProvider::BlankSecret
|
||||
render plain: I18n.t("sso.missing_secret"), status: 400
|
||||
return
|
||||
rescue SingleSignOnProvider::ParseError => e
|
||||
if SiteSetting.verbose_sso_logging
|
||||
Rails.logger.warn("Verbose SSO log: Signature parse error\n\n#{e.message}\n\n#{sso&.diagnostics}")
|
||||
end
|
||||
|
||||
# Do NOT pass the error text to the client, it would give them the correct signature
|
||||
render plain: I18n.t("sso.login_error"), status: 422
|
||||
return
|
||||
end
|
||||
|
||||
if sso.return_sso_url.blank?
|
||||
|
|
|
@ -1006,7 +1006,7 @@ RSpec.describe SessionController do
|
|||
it "it fails to log in if secret is wrong" do
|
||||
get "/session/sso_provider", params: Rack::Utils.parse_query(@sso.payload("secretForRandomSite"))
|
||||
|
||||
expect(response.status).to eq(500)
|
||||
expect(response.status).to eq(422)
|
||||
end
|
||||
|
||||
it "fails with a nice error message if secret is blank" do
|
||||
|
|
Loading…
Reference in New Issue