author | Dylan William Hardison <dylan@mozilla.com> | 2015-08-25 05:56:53 +0200 |
---|---|---|
committer | Byron Jones <glob@mozilla.com> | 2015-08-25 05:56:53 +0200 |
commit | 85adb94a090b4bc87eab72193e7066e476da253e (patch) | |
tree | 85494588707f06fcecf9f22002cd753885a79ee2 /extensions/GitHubAuth/lib | |
parent | 77fbf1e1cd0bf2dec70577caa750d191fd717795 (diff) | |
Bug 1180733 - "An invalid state parameter was passed to the GitHub OAuth2 callback" error when logging in with github
Diffstat (limited to 'extensions/GitHubAuth/lib')
-rw-r--r-- | extensions/GitHubAuth/lib/Client.pm | 4 | ||||
-rw-r--r-- | extensions/GitHubAuth/lib/Login.pm | 4 |
2 files changed, 5 insertions, 3 deletions
diff --git a/extensions/GitHubAuth/lib/Client.pm b/extensions/GitHubAuth/lib/Client.pm
index bcd5e462e..338a5b639 100644
--- a/extensions/GitHubAuth/lib/Client.pm
+++ b/extensions/GitHubAuth/lib/Client.pm
@@ -60,7 +60,7 @@ sub get_email_key {
 my $digest = Digest->new(DIGEST_HASH);
 $digest->add($email);
 $digest->add(remote_ip());
- $digest->add($cgi->cookie('Bugzilla_github_token') // '');
+ $digest->add($cgi->cookie('Bugzilla_github_token') // Bugzilla->request_cache->{github_token} // '');
 $digest->add(Bugzilla->localconfig->{site_wide_secret});
 return $digest->hexdigest;
 }
@@ -85,7 +85,7 @@ sub get_state {
 my $digest = Digest->new(DIGEST_HASH);
 $digest->add($sorted_target->as_string);
 $digest->add(remote_ip());
- $digest->add($cgi->cookie('Bugzilla_github_token') // '');
+ $digest->add($cgi->cookie('Bugzilla_github_token') // Bugzilla->request_cache->{github_token} // '');
 $digest->add(Bugzilla->localconfig->{site_wide_secret});
 return $digest->hexdigest;
 }
diff --git a/extensions/GitHubAuth/lib/Login.pm b/extensions/GitHubAuth/lib/Login.pm
index cb0c68075..8c91fc08a 100644
--- a/extensions/GitHubAuth/lib/Login.pm
+++ b/extensions/GitHubAuth/lib/Login.pm
@@ -33,10 +33,12 @@ sub get_login_info {
 my $cookie = $cgi->cookie('Bugzilla_github_token');
 unless ($cookie) {
+ my $token = generate_random_password();
 $cgi->send_cookie(-name => 'Bugzilla_github_token',
- -value => generate_random_password(),
+ -value => $token,
 Bugzilla->params->{'ssl_redirect'} ? ( -secure => 1 ) : (),
 -httponly => 1);
+ Bugzilla->request_cache->{github_token} = $token;
 }
 return { failure => AUTH_NODATA } unless $github_login; |
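Review bot: The new fallback in get_email_key uses defined-or (`//`), while Login.pm decides whether to mint a token with a truthiness test (`unless ($cookie)`), so the two disagree when the browser sends the cookie with an empty or `0` value: Login.pm issues a fresh token but this digest still hashes the stale cookie value. Using `||` keeps them aligned: `$digest->add($cgi->cookie('Bugzilla_github_token') || Bugzilla->request_cache->{github_token} || '');`. The same line appears in get_state in the next hunk, and since the expression is now duplicated, a small private helper returning the effective token would keep both call sites in step. Both function bodies begin above their hunks, so how `$cgi` is obtained is not visible here.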
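Review bot: In get_state the final `// ''` still lets the digest be computed with no per-browser token at all, in which case the OAuth2 state depends only on the target URL, the remote IP and the site secret and is no longer tied to the browser that started the flow. If get_state can run before get_login_info has set the cookie or the request-cache entry (not visible from this hunk), I would treat that as an error rather than hash the empty string, e.g. `my $token = $cgi->cookie('Bugzilla_github_token') || Bugzilla->request_cache->{github_token} or die "GitHub token missing";`, and add `$token` to the digest. get_state begins above the hunk.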
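Review bot: The assignment `Bugzilla->request_cache->{github_token} = $token;` has no comment explaining why the token is kept in two places, and the Client.pm digests that read it are only correct if request_cache is emptied between requests (worth confirming for persistent interpreters such as mod_perl), otherwise a token minted for one client could be hashed into another client's state. I would add above it: `# The cookie set above is not readable via $cgi->cookie() during this request, so keep a per-request copy for Client.pm.`. The key `github_token` is also a bare string shared with Client.pm; a constant would prevent the two files from drifting. get_login_info starts above and continues below this hunk.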