mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2025-05-14 15:14:56 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

fix(oauth2): verify user id exists

Browse source 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2025-02-14 20:50:26 +01:00
parent c7da25d51d
commit f8299464a0
2 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lib/web/auth/oauth2/index.js
View file

@ -62,6 +62,11 @@ function parseProfile (data) {
const displayName = extractProfileAttribute(data, config.oauth2.userProfileDisplayNameAttr) const displayName = extractProfileAttribute(data, config.oauth2.userProfileDisplayNameAttr)
const email = extractProfileAttribute(data, config.oauth2.userProfileEmailAttr) const email = extractProfileAttribute(data, config.oauth2.userProfileEmailAttr)
if (id === undefined && username === undefined) {
logger.error('oauth2 auth failed: id and username are undefined')
throw new Error('User ID or Username required')
}
return { return {
id: id || username, id: id || username,
username, username,

1
public/docs/release-notes.md
View file

@ -9,6 +9,7 @@ If you use SAML authentication, please make sure to update your SAML configurati
See: https://docs.hedgedoc.org/configuration/#saml-login `CMD_SAML_ATTRIBUTE_USERNAME` or `CMD_SAML_ATTRIBUTE_EMAIL` See: https://docs.hedgedoc.org/configuration/#saml-login `CMD_SAML_ATTRIBUTE_USERNAME` or `CMD_SAML_ATTRIBUTE_EMAIL`
### Bugfixes ### Bugfixes
- Check if a valid user id is present when using OAuth2
- Abort SAML login if NameID is undefined instead of logging in with a user named "undefined" - Abort SAML login if NameID is undefined instead of logging in with a user named "undefined"
- Set default values for username and email attribute mapping in SAML configuration - Set default values for username and email attribute mapping in SAML configuration