From 18808faead1b7bcdf27dab06e2ffcda1f0680979 Mon Sep 17 00:00:00 2001
From: enahum
Date: Tue, 30 Aug 2016 14:40:30 -0300
Subject: PLT-3994 Fix OAuth2: Properly handle allowing an app fails (#3888)
* PLT-3994 Fix OAuth2: Properly handle allowing an app fails
* Remove Content-Type from allowOAuth
---
 api/oauth.go | 6 ++++--
 webapp/components/authorize.jsx | 16 +++++++++++++---
 webapp/sass/components/_oauth.scss | 4 ++++
 3 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/api/oauth.go b/api/oauth.go
index d2a6dd9d4..d3495895f 100644
--- a/api/oauth.go
+++ b/api/oauth.go
@@ -152,24 +152,26 @@ func allowOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 c.LogAudit("attempt")
- w.Header().Set("Content-Type", "application/x-www-form-urlencoded")
 responseData := map[string]string{}
 responseType := r.URL.Query().Get("response_type")
 if len(responseType) == 0 {
 c.Err = model.NewLocAppError("allowOAuth", "api.oauth.allow_oauth.bad_response.app_error", nil, "")
+ c.Err.StatusCode = http.StatusBadRequest
 return
 }
 clientId := r.URL.Query().Get("client_id")
 if len(clientId) != 26 {
 c.Err = model.NewLocAppError("allowOAuth", "api.oauth.allow_oauth.bad_client.app_error", nil, "")
+ c.Err.StatusCode = http.StatusBadRequest
 return
 }
 redirectUri := r.URL.Query().Get("redirect_uri")
 if len(redirectUri) == 0 {
 c.Err = model.NewLocAppError("allowOAuth", "api.oauth.allow_oauth.bad_redirect.app_error", nil, "")
+ c.Err.StatusCode = http.StatusBadRequest
 return
 }
@@ -191,6 +193,7 @@ func allowOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 if !app.IsValidRedirectURL(redirectUri) {
 c.LogAudit("fail - redirect_uri did not match registered callback")
 c.Err = model.NewLocAppError("allowOAuth", "api.oauth.allow_oauth.redirect_callback.app_error", nil, "")
+ c.Err.StatusCode = http.StatusBadRequest
 return
 }
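Review bot: The three validation failures that now return 400 in this hunk (empty response_type, client_id not 26 characters, empty redirect_uri) leave no audit record, whereas the redirect_uri-mismatch branch in the next hunk calls `c.LogAudit("fail - redirect_uri did not match registered callback")` before setting its error. An authorization endpoint that logs `attempt` but never why it refused makes malformed or probing requests hard to reconstruct from the audit log. Add a matching line before each `c.Err =` in this hunk, e.g. `c.LogAudit("fail - missing redirect_uri")`, so every refusal is recorded the same way. allowOAuth continues past the end of both hunks, so any further checks it performs are not visible here.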
@@ -226,7 +229,6 @@ func allowOAuth(c *Context, w http.ResponseWriter, r *http.Request) {
 c.LogAudit("success")
 responseData["redirect"] = redirectUri + "?code=" + url.QueryEscape(authData.Code) + "&state=" + url.QueryEscape(authData.State)
- w.Header().Set("Content-Type", "application/json")
 w.Write([]byte(model.MapToJson(responseData)))
 }
diff --git a/webapp/components/authorize.jsx b/webapp/components/authorize.jsx
index 354b51ede..684bae589 100644
--- a/webapp/components/authorize.jsx
+++ b/webapp/components/authorize.jsx
@@ -2,9 +2,9 @@
 // See License.txt for license information.
 import Client from 'client/web_client.jsx';
+import FormError from 'components/form_error.jsx';
 import {FormattedMessage, FormattedHTMLMessage} from 'react-intl';
-
 import React from 'react';
 import icon50 from 'images/icon50x50.png';
@@ -52,8 +52,8 @@ export default class Authorize extends React.Component {
 window.location.href = data.redirect;
 }
 },
- () => {
- //Do nothing on error
+ (err) => {
+ this.setState({error: err.message});
 }
 );
 }
@@ -75,6 +75,15 @@ export default class Authorize extends React.Component {
 icon = icon50;
 }
+ let error;
+ if (this.state.error) {
+ error = (
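Review bot: With `w.Header().Set("Content-Type", "application/json")` removed, nothing in this hunk declares a type for the JSON body that `w.Write([]byte(model.MapToJson(responseData)))` emits; unless the handler wrapper around allowOAuth sets one (not visible here), net/http will sniff the body and serve it as `text/plain; charset=utf-8`, and a client that dispatches on the declared type may not parse it as JSON. If the goal was only to stop the earlier form-urlencoded header from mislabelling error responses, the success path can keep an explicit header by placing `w.Header().Set("Content-Type", "application/json")` directly before the `w.Write` call. If the wrapper already sets it, a short comment on the write saying so would stop the next reader from re-adding it.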
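Review bot: `this.setState({error: err.message})` records a failure but nothing in this hunk clears it, so after one refused attempt the message stays on screen through a retry until it either fails again or the page redirects; if the enclosing handler (which starts before this hunk) does not already reset it, add `this.setState({error: null});` before the request is issued. Which property the client's error callback populates is not visible here, so `err.message` should be checked against the error object web_client.jsx passes to the failure callback.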
+ +
+ ); + } + return (
@@ -137,6 +146,7 @@ export default class Authorize extends React.Component { />
+ {error}
 );
diff --git a/webapp/sass/components/_oauth.scss b/webapp/sass/components/_oauth.scss
index 2b4f2f9c9..8ca1e6c17 100644
--- a/webapp/sass/components/_oauth.scss
+++ b/webapp/sass/components/_oauth.scss
@@ -40,4 +40,8 @@
 padding: 1.5em 0;
 text-align: right;
 }
+
+ .prompt__error {
+ display: inline-block;
+ }
 }
-- cgit v1.2.3-1-g7c22