zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-07-12 14:08:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix bug which caused exceptions when attempting to redirect to the console login page

Browse source 
When the registrar console code determines that a user has not logged in, it redirects to a login page. But when authenticating as an internal request (which should never happen), the redirection code encountered an exception, resulting in a 500 error.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=163867018
This commit is contained in:
mountford 2017-08-01 12:21:13 -07:00 committed by Ben McIlwain
parent 2a29ada032
commit 5fefa8906d
2 changed files with 33 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

14
java/google/registry/ui/server/registrar/ConsoleUiAction.java
View file

@ -82,7 +82,19 @@ public final class ConsoleUiAction implements Runnable {
public void run() { public void run() {
if (!authResult.userAuthInfo().isPresent()) { if (!authResult.userAuthInfo().isPresent()) {
response.setStatus(SC_MOVED_TEMPORARILY); response.setStatus(SC_MOVED_TEMPORARILY);
response.setHeader(LOCATION, userService.createLoginURL(req.getRequestURI())); String location;
try {
location = userService.createLoginURL(req.getRequestURI());
} catch (IllegalArgumentException e) {
// UserServiceImpl.createLoginURL() throws IllegalArgumentException if underlying API call
// returns an error code of NOT_ALLOWED. createLoginURL() assumes that the error is caused
// by an invalid URL. But in fact, the error can also occur if UserService doesn't have any
// user information, which happens when the request has been authenticated as internal. In
// this case, we want to avoid dying before we can send the redirect, so just redirect to
// the root path.
location = "/";
}
response.setHeader(LOCATION, location);
return; return;
} }
User user = authResult.userAuthInfo().get().user(); User user = authResult.userAuthInfo().get().user();

20
javatests/google/registry/ui/server/registrar/ConsoleUiActionTest.java
View file

@ -14,7 +14,9 @@
package google.registry.ui.server.registrar; package google.registry.ui.server.registrar;
import static com.google.common.net.HttpHeaders.LOCATION;
import static com.google.common.truth.Truth.assertThat; import static com.google.common.truth.Truth.assertThat;
import static javax.servlet.http.HttpServletResponse.SC_MOVED_TEMPORARILY;
import static org.mockito.Matchers.any; import static org.mockito.Matchers.any;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when; import static org.mockito.Mockito.when;
@ -112,4 +114,22 @@ public class ConsoleUiActionTest {
action.run(); action.run();
assertThat(response.getPayload()).contains("<h1>You need permission</h1>"); assertThat(response.getPayload()).contains("<h1>You need permission</h1>");
} }
@Test
public void testNoUser_redirect() throws Exception {
when(request.getRequestURI()).thenReturn("/test");
action.authResult = AuthResult.NOT_AUTHENTICATED;
action.run();
assertThat(response.getStatus()).isEqualTo(SC_MOVED_TEMPORARILY);
assertThat(response.getHeaders().get(LOCATION)).isEqualTo("/_ah/login?continue=%2Ftest");
}
@Test
public void testNoUserInformationAtAll_redirectToRoot() throws Exception {
when(request.getRequestURI()).thenThrow(new IllegalArgumentException());
action.authResult = AuthResult.NOT_AUTHENTICATED;
action.run();
assertThat(response.getStatus()).isEqualTo(SC_MOVED_TEMPORARILY);
assertThat(response.getHeaders().get(LOCATION)).isEqualTo("/");
}
} }