fix: handle various nil pointers (#2473)

This commit is contained in:
Livio Amstutz 2021-10-05 08:33:20 +02:00 committed by GitHub
parent 318fa25061
commit 73a51c1544
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 27 additions and 2 deletions

View File

@ -13,6 +13,9 @@ func (c Context) set(name string, value interface{}) {
}
func (c *Context) SetToken(t *oidc.Tokens) *Context {
if t == nil {
return c
}
if t.Token != nil && t.Token.AccessToken != "" {
c.set("accessToken", t.AccessToken)
}

View File

@ -282,9 +282,17 @@ func (l *Login) handleAutoRegister(w http.ResponseWriter, r *http.Request, authR
}
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
if len(authReq.LinkingUsers) == 0 {
l.renderError(w, r, authReq, caos_errors.ThrowPreconditionFailed(nil, "LOGIN-asfg3", "Errors.ExternalIDP.NoExternalUserData"))
return
}
linkingUser := authReq.LinkingUsers[len(authReq.LinkingUsers)-1]
user, externalIDP, metadata := l.mapExternalUserToLoginUser(orgIamPolicy, linkingUser, idpConfig)
user, metadata, err = l.customExternalUserToLoginUserMapping(user, nil, authReq, idpConfig, metadata, resourceOwner)
if err != nil {
l.renderExternalNotFoundOption(w, r, authReq, err)
return
}
err = l.authRepo.AutoRegisterExternalUser(setContext(r.Context(), resourceOwner), user, externalIDP, memberRoles, authReq.ID, userAgentID, resourceOwner, metadata, domain.BrowserInfoFromRequest(r))
if err != nil {
l.renderExternalNotFoundOption(w, r, authReq, err)

View File

@ -1,10 +1,11 @@
package handler
import (
"github.com/caos/zitadel/internal/domain"
"net/http"
http_mw "github.com/caos/zitadel/internal/api/http/middleware"
"github.com/caos/zitadel/internal/domain"
"github.com/caos/zitadel/internal/errors"
)
const (
@ -53,6 +54,10 @@ func (l *Login) handleLoginNameCheck(w http.ResponseWriter, r *http.Request) {
l.handleRegister(w, r)
return
}
if authReq == nil {
l.renderLogin(w, r, nil, errors.ThrowInvalidArgument(nil, "LOGIN-adrg3", "Errors.AuthRequest.NotFound"))
return
}
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
loginName := data.LoginName
err = l.authRepo.CheckLoginName(r.Context(), authReq.ID, loginName, userAgentID)

View File

@ -109,7 +109,10 @@ func (l *Login) renderRegister(w http.ResponseWriter, r *http.Request, authReque
registerFormData: *formData,
}
resourceOwner := authRequest.RequestedOrgID
var resourceOwner string
if authRequest != nil {
resourceOwner = authRequest.RequestedOrgID
}
if resourceOwner == "" {
iam, err := l.authRepo.GetIAM(r.Context())

View File

@ -220,6 +220,10 @@ func CreateRenderer(pathPrefix string, staticDir http.FileSystem, staticStorage
}
func (l *Login) renderNextStep(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest) {
if authReq == nil {
l.renderInternalError(w, r, nil, caos_errs.ThrowInvalidArgument(nil, "LOGIN-Df3f2", "Errors.AuthRequest.NotFound"))
return
}
userAgentID, _ := http_mw.UserAgentIDFromCtx(r.Context())
authReq, err := l.authRepo.AuthRequestByID(r.Context(), authReq.ID, userAgentID)
if err != nil {

View File

@ -352,6 +352,7 @@ Errors:
IDPConfigIDEmpty: Identity Provider ID ist leer
ExternalUserIDEmpty: Externe User ID ist leer
UserDisplayNameEmpty: Benutzer Anzeige Name ist leer
NoExternalUserData: Keine externe User Daten erhalten
GrantRequired: Der Login an diese Applikation ist nicht möglich. Der Benutzer benötigt mindestens eine Berechtigung an der Applikation. Bitte melde dich bei deinem Administrator.
ProjectRequired: Der Login an diese Applikation ist nicht möglich. Die Organisation des Benutzer benötigt Berechtigung auf das Projekt. Bitte melde dich bei deinem Administrator.
IdentityProvider:

View File

@ -353,6 +353,7 @@ Errors:
IDPConfigIDEmpty: Identity Provider ID is empty
ExternalUserIDEmpty: External User ID is empty
UserDisplayNameEmpty: User Display Name is empty
NoExternalUserData: No external User Data received
GrantRequired: Login not possible. The user is required to have at least one grant on the application. Please contact your administrator.
ProjectRequired: Login not possible. The organisation of the user must be granted to the project. Please contact your administrator.
IdentityProvider: