Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
Pleroma
pleroma
Commits
1825118f
Commit
1825118f
authored
Jan 28, 2019
by
lain
Browse files
Correctly handle invalid credentials on auth login.
Closes
#407
parent
b380b489
Pipeline
#6687
passed with stages
in 5 minutes and 39 seconds
Changes
2
Pipelines
1
Hide whitespace changes
Inline
Side-by-side
lib/pleroma/web/oauth/fallback_controller.ex
View file @
1825118f
...
...
@@ -9,7 +9,8 @@ defmodule Pleroma.Web.OAuth.FallbackController do
# No user/password
def
call
(
conn
,
_
)
do
conn
|>
put_status
(
:unauthorized
)
|>
put_flash
(
:error
,
"Invalid Username/Password"
)
|>
OAuthController
.
authorize
(
conn
.
params
)
|>
OAuthController
.
authorize
(
conn
.
params
[
"authorization"
]
)
end
end
test/web/oauth/oauth_controller_test.exs
View file @
1825118f
...
...
@@ -34,6 +34,31 @@ test "redirects with oauth authorization" do
assert
Repo
.
get_by
(
Authorization
,
token:
code
)
end
test
"correctly handles wrong credentials"
,
%{
conn:
conn
}
do
user
=
insert
(
:user
)
app
=
insert
(
:oauth_app
)
result
=
conn
|>
post
(
"/oauth/authorize"
,
%{
"authorization"
=>
%{
"name"
=>
user
.
nickname
,
"password"
=>
"wrong"
,
"client_id"
=>
app
.
client_id
,
"redirect_uri"
=>
app
.
redirect_uris
,
"state"
=>
"statepassed"
}
})
|>
html_response
(
:unauthorized
)
# Keep the details
assert
result
=~
app
.
client_id
assert
result
=~
app
.
redirect_uris
# Error message
assert
result
=~
"Invalid"
end
test
"issues a token for an all-body request"
do
user
=
insert
(
:user
)
app
=
insert
(
:oauth_app
)
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment