sam/pronounscc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix: abort if oauth user info is invalid

Browse source
This commit is contained in:
Sam 2023-04-21 00:07:02 +02:00
parent 61b69d1026
commit 6dd3478ff9
Signed by: sam
GPG key ID: B4EF20DDE721CAA1
5 changed files with 50 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
backend/routes/auth/fedi_mastodon.go
View file

@ -220,6 +220,11 @@ func (s *Server) mastodonLink(w http.ResponseWriter, r *http.Request) error {
return server.APIError{Code: server.ErrInvalidTicket}
}
if mu.ID == "" {
log.Errorf("linking user with id %v: user ID was empty", claims.UserID)
return server.APIError{Code: server.ErrInternalServerError, Details: "Mastodon user ID is empty"}
}
err = u.UpdateFromFedi(ctx, s.DB, mu.ID, mu.Username, app.ID)
if err != nil {
return errors.Wrap(err, "updating user from mastoAPI")
@ -330,6 +335,11 @@ func (s *Server) mastodonSignup(w http.ResponseWriter, r *http.Request) error {
return errors.Wrap(err, "creating user")
}
if mu.ID == "" {
log.Errorf("creating user with name %q: user ID was empty", req.Username)
return server.APIError{Code: server.ErrInternalServerError, Details: "Mastodon user ID is empty"}
}
err = u.UpdateFromFedi(ctx, tx, mu.ID, mu.Username, app.ID)
if err != nil {
return errors.Wrap(err, "updating user from mastoAPI")