fix: error handling to prevent panics (#8248)
# Which Problems Are Solved We found multiple cases where the error was not properly handled, which led to panics. # How the Problems Are Solved Handle the errors. # Additional Changes None. # Additional Context - noticed internally
parent
53d47dc87f
commit
d705cb11b7
@ -39,7 +39,10 @@ func (s *Server) RemoveOrg(ctx context.Context, req *admin_pb.RemoveOrgRequest)
|
||||
|
||||
func (s *Server) GetDefaultOrg(ctx context.Context, _ *admin_pb.GetDefaultOrgRequest) (*admin_pb.GetDefaultOrgResponse, error) {
|
||||
org, err := s.query.OrgByID(ctx, true, authz.GetInstance(ctx).DefaultOrganisationID())
|
||||
return &admin_pb.GetDefaultOrgResponse{Org: org_grpc.OrgToPb(org)}, err
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &admin_pb.GetDefaultOrgResponse{Org: org_grpc.OrgToPb(org)}, nil
|
||||
}
|
||||
|
||||
func (s *Server) GetOrgByID(ctx context.Context, req *admin_pb.GetOrgByIDRequest) (*admin_pb.GetOrgByIDResponse, error) {
|
||||
|
@ -65,13 +65,16 @@ func (s *Server) UpdateAction(ctx context.Context, req *mgmt_pb.UpdateActionRequ
|
||||
|
||||
func (s *Server) DeactivateAction(ctx context.Context, req *mgmt_pb.DeactivateActionRequest) (*mgmt_pb.DeactivateActionResponse, error) {
|
||||
details, err := s.command.DeactivateAction(ctx, req.Id, authz.GetCtxData(ctx).OrgID)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &mgmt_pb.DeactivateActionResponse{
|
||||
Details: obj_grpc.AddToDetailsPb(
|
||||
details.Sequence,
|
||||
details.EventDate,
|
||||
details.ResourceOwner,
|
||||
),
|
||||
}, err
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (s *Server) ReactivateAction(ctx context.Context, req *mgmt_pb.ReactivateActionRequest) (*mgmt_pb.ReactivateActionResponse, error) {
|
||||
|
@ -513,6 +513,11 @@ func (s *Server) authorizeCallbackHandler(w http.ResponseWriter, r *http.Request
|
||||
return authReq, s.authResponse(authReq, authorizer, w, r)
|
||||
}(r.Context())
|
||||
if err != nil {
|
||||
// we need to make sure there's no empty interface passed
|
||||
if authReq == nil {
|
||||
op.AuthRequestError(w, r, nil, err, authorizer)
|
||||
return
|
||||
}
|
||||
op.AuthRequestError(w, r, authReq, err, authorizer)
|
||||
}
|
||||
}
|
||||
|
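Review bot: The comment `// we need to make sure there's no empty interface passed` names the wrong thing: in Go an "empty interface" is `interface{}`, whereas the guard below it appears to protect against a nil pointer being wrapped in a non-nil interface value when `authReq` is handed to `op.AuthRequestError`. The declaration of `authReq` is outside the hunk, so this assumes it is a concrete pointer type. I would reword the comment to `// authReq may be a nil pointer; pass an untyped nil so AuthRequestError's nil check on the interface still works`. The body of authorizeCallbackHandler starts outside the hunk.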
@ -111,6 +111,9 @@ func (s *Server) userInfo(
|
||||
}
|
||||
rawUserInfo = userInfoToOIDC(qu, userInfoAssertion, scope, s.assetAPIPrefix(ctx))
|
||||
})
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
// copy the userinfo to make sure the assert roles and actions use their own copy (e.g. map)
|
||||
userInfo := &oidc.UserInfo{
|
||||
Subject: rawUserInfo.Subject,
|
||||
|
@ -126,7 +126,8 @@ func (c *Commands) GetActiveIntent(ctx context.Context, intentID string) (*IDPIn
|
||||
return nil, zerrors.ThrowNotFound(nil, "IDP-gy3ctgkqe7", "Errors.Intent.NotStarted")
|
||||
}
|
||||
if intent.State != domain.IDPIntentStateStarted {
|
||||
return nil, zerrors.ThrowInvalidArgument(nil, "IDP-Sfrgs", "Errors.Intent.NotStarted")
|
||||
// we still need to return the intent to be able to redirect to the failure url
|
||||
return intent, zerrors.ThrowInvalidArgument(nil, "IDP-Sfrgs", "Errors.Intent.NotStarted")
|
||||
}
|
||||
return intent, nil
|
||||
}
|
||||
|
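Review bot: Returning `intent` together with a non-nil error in the `intent.State != domain.IDPIntentStateStarted` branch departs from the usual Go contract that the value is meaningless on error, and the not-found branch above still returns `nil`, so callers now see both shapes. Any caller that reads the intent after an error is handling one that is not in the started state, so it should be used for the failure redirect only and never to continue the login; the callers are not visible here, so they are worth auditing. I would state this on the function's doc comment, e.g. `// GetActiveIntent returns the intent alongside the error when it exists but is not in the started state; use it only to build the failure redirect.` The start of GetActiveIntent is outside the hunk.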