diff options
| author | Dylan William Hardison <dylan@hardison.net> | 2015-08-24 20:50:16 +0200 |
|---|---|---|
| committer | Dylan William Hardison <dylan@hardison.net> | 2015-08-24 20:50:16 +0200 |
| commit | 07a68c6d4fa62432c9668176b4876133d45cce0e (patch) | |
| tree | 9052bb9e238c10ba1fd803474d94a6e37d555f29 /auth.cgi | |
| parent | 5fd2b62a573eb1eaef834367008be0e24e1fca57 (diff) | |
| download | bugzilla-07a68c6d4fa62432c9668176b4876133d45cce0e.tar.gz bugzilla-07a68c6d4fa62432c9668176b4876133d45cce0e.tar.xz | |
Bug 1175643 - Rewrite auth delegation to use a server-side POST instead of a client-side GET to delegate API Key
r/a=dkl
Diffstat (limited to 'auth.cgi')
| -rwxr-xr-x | auth.cgi | 39 |
1 files changed, 35 insertions, 4 deletions
@@ -23,6 +23,8 @@ use Bugzilla::Mailer qw(MessageToMTA); use URI; use URI::QueryParam; use Digest::SHA qw(sha256_hex); +use LWP::UserAgent (); +use JSON qw(decode_json encode_json); Bugzilla->login(LOGIN_REQUIRED); @@ -88,10 +90,39 @@ if ($confirmed || $skip_confirmation) { MessageToMTA($message); } - $callback_uri->query_param(client_api_key => $api_key->api_key); - $callback_uri->query_param(client_api_login => $user->login); - - print $cgi->redirect($callback_uri); + my $ua = LWP::UserAgent->new(); + $ua->timeout(2); + $ua->protocols_allowed(['http', 'https']); + # If the URL of the proxy is given, use it, else get this information + # from the environment variable. + my $proxy_url = Bugzilla->params->{'proxy_url'}; + if ($proxy_url) { + $ua->proxy(['http', 'https'], $proxy_url); + } + else { + $ua->env_proxy; + } + my $content = encode_json({ client_api_key => $api_key->api_key, + client_api_login => $user->login }); + my $resp = $ua->post($callback_uri, + 'Content-Type' => 'application/json', + Content => $content); + if ($resp->code == 200) { + $callback_uri->query_param(client_api_login => $user->login); + eval { + my $data = decode_json($resp->content); + $callback_uri->query_param(callback_result => $data->{result}); + }; + if ($@) { + ThrowUserError('auth_delegation_json_error', { json_text => $resp->content }); + } + else { + print $cgi->redirect($callback_uri); + } + } + else { + ThrowUserError('auth_delegation_post_error', { code => $resp->code }); + } } else { $args{token} = issue_auth_delegation_token($callback); |