sa6anw/hedgedoc-hedgeagent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(oauth2): Fix crash when profile fields are missing (#5850)

Browse Source 
Co-authored-by: Lautaro Alvarez <lautaro@grava.digital>
This commit is contained in:
Lautaro Alvarez
2024-11-01 11:21:10 -03:00
committed by GitHub
parent 0f06adb9c7
commit 4fdab806a3
3 changed files with 17 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
lib/web/auth/oauth2/index.js
View File

@@ -20,7 +20,7 @@ class OAuth2CustomStrategy extends Strategy {
userProfile (accessToken, done) {
this._oauth2.get(this._userProfileURL, accessToken, function (err, body, res) {
let json
let json, profile
if (err) {
return done(new InternalOAuthError('Failed to fetch user profile', err))
@@ -33,7 +33,11 @@ class OAuth2CustomStrategy extends Strategy {
}
checkAuthorization(json, done)
const profile = parseProfile(json)
try {
profile = parseProfile(json)
} catch (ex) {
return done('Failed to identify user profile information', null)
}
profile.provider = 'oauth2'
done(null, profile)
@@ -97,7 +101,7 @@ function checkAuthorization (data, done) {
OAuth2CustomStrategy.prototype.userProfile = function (accessToken, done) {
this._oauth2.get(this._userProfileURL, accessToken, function (err, body, res) {
let json
let json, profile
if (err) {
return done(new InternalOAuthError('Failed to fetch user profile', err))
@@ -110,7 +114,11 @@ OAuth2CustomStrategy.prototype.userProfile = function (accessToken, done) {
}
checkAuthorization(json, done)
const profile = parseProfile(json)
try {
profile = parseProfile(json)
} catch (ex) {
return done('Failed to identify user profile information', null)
}
profile.provider = 'oauth2'
done(null, profile)