diff options
author | Dylan William Hardison <dylan@hardison.net> | 2015-08-11 17:57:30 +0200 |
---|---|---|
committer | Dylan William Hardison <dylan@hardison.net> | 2015-08-11 17:57:51 +0200 |
commit | 589ec37a32d8687d612eedd107748b7afadd07fd (patch) | |
tree | 2ce3f05091643ef199ff5648c4d0b3250def181b /auth.cgi | |
parent | 99bec2e52b174c1e8774ebf12da5963330d47af9 (diff) | |
download | bugzilla-589ec37a32d8687d612eedd107748b7afadd07fd.tar.gz bugzilla-589ec37a32d8687d612eedd107748b7afadd07fd.tar.xz |
Bug 1190693 - Backport bug 1175643 to bmo for safer auth delegation
Diffstat (limited to 'auth.cgi')
-rwxr-xr-x | auth.cgi | 35 |
1 files changed, 31 insertions, 4 deletions
@@ -23,6 +23,8 @@ use Bugzilla::Mailer qw(MessageToMTA); use URI; use URI::QueryParam; use Digest::SHA qw(sha256_hex); +use LWP::UserAgent (); +use JSON qw(decode_json encode_json); Bugzilla->login(LOGIN_REQUIRED); @@ -88,10 +90,35 @@ if ($confirmed || $skip_confirmation) { MessageToMTA($message); } - $callback_uri->query_param(client_api_key => $api_key->api_key); - $callback_uri->query_param(client_api_login => $user->login); - - print $cgi->redirect($callback_uri); + my $ua = LWP::UserAgent->new(); + $ua->timeout(2); + $ua->protocols_allowed(['http', 'https']); + # If the URL of the proxy is given, use it, else get this information + # from the environment variable. + if (my $proxy_url = Bugzilla->params->{'proxy_url'}) { + $ua->proxy(['http', 'https'], $proxy_url); + } + else { + $ua->env_proxy; + } + my $content = encode_json({ client_api_key => $api_key->api_key, + client_api_login => $user->login }); + my $resp = $ua->post($callback_uri, + 'Content-Type' => 'application/json', + Content => $content); + if ($resp->code == 200) { + $callback_uri->query_param(client_api_login => $user->login); + eval { + my $data = decode_json($resp->content); + $callback_uri->query_param(callback_result => $data->{result}); + }; + ThrowUserError('auth_delegation_json_error', { json_text => $resp->content }) if $@; + + print $cgi->redirect($callback_uri); + } + else { + ThrowUserError('auth_delegation_post_error', { code => $resp->code }); + } } else { $args{token} = issue_auth_delegation_token($callback); |