diff options
Diffstat (limited to 'api/user.go')
-rw-r--r-- | api/user.go | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/api/user.go b/api/user.go index 9ed4404f1..4240a795e 100644 --- a/api/user.go +++ b/api/user.go @@ -8,13 +8,13 @@ import ( l4g "code.google.com/p/log4go" b64 "encoding/base64" "fmt" + "github.com/disintegration/imaging" "github.com/golang/freetype" "github.com/gorilla/mux" "github.com/mattermost/platform/model" "github.com/mattermost/platform/store" "github.com/mattermost/platform/utils" "github.com/mssola/user_agent" - "github.com/nfnt/resize" "hash/fnv" "image" "image/color" @@ -466,10 +466,14 @@ func RevokeAllSession(c *Context, userId string) { for _, session := range sessions { c.LogAuditWithUserId(userId, "session_id="+session.Id) - sessionCache.Remove(session.Token) - if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil { - c.Err = result.Err - return + if session.IsOAuth { + RevokeAccessToken(session.Token) + } else { + sessionCache.Remove(session.Token) + if result := <-Srv.Store.Session().Remove(session.Id); result.Err != nil { + c.Err = result.Err + return + } } } } @@ -798,7 +802,7 @@ func uploadProfileImage(c *Context, w http.ResponseWriter, r *http.Request) { } // Scale profile image - img = resize.Resize(utils.Cfg.FileSettings.ProfileWidth, utils.Cfg.FileSettings.ProfileHeight, img, resize.Lanczos3) + img = imaging.Resize(img, utils.Cfg.FileSettings.ProfileWidth, utils.Cfg.FileSettings.ProfileHeight, imaging.Lanczos) buf := new(bytes.Buffer) err = png.Encode(buf, img) @@ -1416,7 +1420,7 @@ func GetAuthorizationCode(c *Context, w http.ResponseWriter, r *http.Request, te func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser, *model.Team, *model.AppError) { sso := utils.Cfg.GetSSOService(service) - if sso != nil && !sso.Enable { + if sso == nil || !sso.Enable { return nil, nil, model.NewAppError("AuthorizeOAuthUser", "Unsupported OAuth service provider", "service="+service) } @@ -1458,6 +1462,9 @@ func AuthorizeOAuthUser(service, code, state, redirectUri string) (io.ReadCloser return nil, nil, model.NewAppError("AuthorizeOAuthUser", "Token request failed", err.Error()) } else { ar = model.AccessResponseFromJson(resp.Body) + if ar == nil { + return nil, nil, model.NewAppError("AuthorizeOAuthUser", "Bad response from token request", "") + } } if strings.ToLower(ar.TokenType) != model.ACCESS_TOKEN_TYPE { |