mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 11:04:25 +00:00
fix: handle various nil pointers (#2473)
This commit is contained in:
parent
318fa25061
commit
73a51c1544
@ -13,6 +13,9 @@ func (c Context) set(name string, value interface{}) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (c *Context) SetToken(t *oidc.Tokens) *Context {
|
func (c *Context) SetToken(t *oidc.Tokens) *Context {
|
||||||
|
if t == nil {
|
||||||
|
return c
|
||||||
|
}
|
||||||
if t.Token != nil && t.Token.AccessToken != "" {
|
if t.Token != nil && t.Token.AccessToken != "" {
|
||||||
c.set("accessToken", t.AccessToken)
|
c.set("accessToken", t.AccessToken)
|
||||||
}
|
}
|
||||||
|
@ -282,9 +282,17 @@ func (l *Login) handleAutoRegister(w http.ResponseWriter, r *http.Request, authR
|
|||||||
}
|
}
|
||||||
|
|
||||||
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
|
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
|
||||||
|
if len(authReq.LinkingUsers) == 0 {
|
||||||
|
l.renderError(w, r, authReq, caos_errors.ThrowPreconditionFailed(nil, "LOGIN-asfg3", "Errors.ExternalIDP.NoExternalUserData"))
|
||||||
|
return
|
||||||
|
}
|
||||||
linkingUser := authReq.LinkingUsers[len(authReq.LinkingUsers)-1]
|
linkingUser := authReq.LinkingUsers[len(authReq.LinkingUsers)-1]
|
||||||
user, externalIDP, metadata := l.mapExternalUserToLoginUser(orgIamPolicy, linkingUser, idpConfig)
|
user, externalIDP, metadata := l.mapExternalUserToLoginUser(orgIamPolicy, linkingUser, idpConfig)
|
||||||
user, metadata, err = l.customExternalUserToLoginUserMapping(user, nil, authReq, idpConfig, metadata, resourceOwner)
|
user, metadata, err = l.customExternalUserToLoginUserMapping(user, nil, authReq, idpConfig, metadata, resourceOwner)
|
||||||
|
if err != nil {
|
||||||
|
l.renderExternalNotFoundOption(w, r, authReq, err)
|
||||||
|
return
|
||||||
|
}
|
||||||
err = l.authRepo.AutoRegisterExternalUser(setContext(r.Context(), resourceOwner), user, externalIDP, memberRoles, authReq.ID, userAgentID, resourceOwner, metadata, domain.BrowserInfoFromRequest(r))
|
err = l.authRepo.AutoRegisterExternalUser(setContext(r.Context(), resourceOwner), user, externalIDP, memberRoles, authReq.ID, userAgentID, resourceOwner, metadata, domain.BrowserInfoFromRequest(r))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
l.renderExternalNotFoundOption(w, r, authReq, err)
|
l.renderExternalNotFoundOption(w, r, authReq, err)
|
||||||
|
@ -1,10 +1,11 @@
|
|||||||
package handler
|
package handler
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"github.com/caos/zitadel/internal/domain"
|
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
http_mw "github.com/caos/zitadel/internal/api/http/middleware"
|
http_mw "github.com/caos/zitadel/internal/api/http/middleware"
|
||||||
|
"github.com/caos/zitadel/internal/domain"
|
||||||
|
"github.com/caos/zitadel/internal/errors"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
const (
|
||||||
@ -53,6 +54,10 @@ func (l *Login) handleLoginNameCheck(w http.ResponseWriter, r *http.Request) {
|
|||||||
l.handleRegister(w, r)
|
l.handleRegister(w, r)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
if authReq == nil {
|
||||||
|
l.renderLogin(w, r, nil, errors.ThrowInvalidArgument(nil, "LOGIN-adrg3", "Errors.AuthRequest.NotFound"))
|
||||||
|
return
|
||||||
|
}
|
||||||
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
|
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
|
||||||
loginName := data.LoginName
|
loginName := data.LoginName
|
||||||
err = l.authRepo.CheckLoginName(r.Context(), authReq.ID, loginName, userAgentID)
|
err = l.authRepo.CheckLoginName(r.Context(), authReq.ID, loginName, userAgentID)
|
||||||
|
@ -109,7 +109,10 @@ func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authReque
|
|||||||
registerFormData: *formData,
|
registerFormData: *formData,
|
||||||
}
|
}
|
||||||
|
|
||||||
resourceOwner := authRequest.RequestedOrgID
|
var resourceOwner string
|
||||||
|
if authRequest != nil {
|
||||||
|
resourceOwner = authRequest.RequestedOrgID
|
||||||
|
}
|
||||||
|
|
||||||
if resourceOwner == "" {
|
if resourceOwner == "" {
|
||||||
iam, err := l.authRepo.GetIAM(r.Context())
|
iam, err := l.authRepo.GetIAM(r.Context())
|
||||||
|
@ -220,6 +220,10 @@ func CreateRenderer(pathPrefix string, staticDir http.FileSystem, staticStorage
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (l *Login) renderNextStep(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest) {
|
func (l *Login) renderNextStep(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest) {
|
||||||
|
if authReq == nil {
|
||||||
|
l.renderInternalError(w, r, nil, caos_errs.ThrowInvalidArgument(nil, "LOGIN-Df3f2", "Errors.AuthRequest.NotFound"))
|
||||||
|
return
|
||||||
|
}
|
||||||
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
|
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
|
||||||
authReq, err := l.authRepo.AuthRequestByID(r.Context(), authReq.ID, userAgentID)
|
authReq, err := l.authRepo.AuthRequestByID(r.Context(), authReq.ID, userAgentID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -352,6 +352,7 @@ Errors:
|
|||||||
IDPConfigIDEmpty: Identity Provider ID ist leer
|
IDPConfigIDEmpty: Identity Provider ID ist leer
|
||||||
ExternalUserIDEmpty: Externe User ID ist leer
|
ExternalUserIDEmpty: Externe User ID ist leer
|
||||||
UserDisplayNameEmpty: Benutzer Anzeige Name ist leer
|
UserDisplayNameEmpty: Benutzer Anzeige Name ist leer
|
||||||
|
NoExternalUserData: Keine externe User Daten erhalten
|
||||||
GrantRequired: Der Login an diese Applikation ist nicht möglich. Der Benutzer benötigt mindestens eine Berechtigung an der Applikation. Bitte melde dich bei deinem Administrator.
|
GrantRequired: Der Login an diese Applikation ist nicht möglich. Der Benutzer benötigt mindestens eine Berechtigung an der Applikation. Bitte melde dich bei deinem Administrator.
|
||||||
ProjectRequired: Der Login an diese Applikation ist nicht möglich. Die Organisation des Benutzer benötigt Berechtigung auf das Projekt. Bitte melde dich bei deinem Administrator.
|
ProjectRequired: Der Login an diese Applikation ist nicht möglich. Die Organisation des Benutzer benötigt Berechtigung auf das Projekt. Bitte melde dich bei deinem Administrator.
|
||||||
IdentityProvider:
|
IdentityProvider:
|
||||||
|
@ -353,6 +353,7 @@ Errors:
|
|||||||
IDPConfigIDEmpty: Identity Provider ID is empty
|
IDPConfigIDEmpty: Identity Provider ID is empty
|
||||||
ExternalUserIDEmpty: External User ID is empty
|
ExternalUserIDEmpty: External User ID is empty
|
||||||
UserDisplayNameEmpty: User Display Name is empty
|
UserDisplayNameEmpty: User Display Name is empty
|
||||||
|
NoExternalUserData: No external User Data received
|
||||||
GrantRequired: Login not possible. The user is required to have at least one grant on the application. Please contact your administrator.
|
GrantRequired: Login not possible. The user is required to have at least one grant on the application. Please contact your administrator.
|
||||||
ProjectRequired: Login not possible. The organisation of the user must be granted to the project. Please contact your administrator.
|
ProjectRequired: Login not possible. The organisation of the user must be granted to the project. Please contact your administrator.
|
||||||
IdentityProvider:
|
IdentityProvider:
|
||||||
|
Loading…
Reference in New Issue
Block a user