From d1161b99a7c9de9b08c2166e295fc8d9ec86445f Mon Sep 17 00:00:00 2001 From: Leonardo Mosquera Date: Wed, 24 Jan 2024 18:50:52 -0300 Subject: [PATCH] FIX: do not attempt to fetch user JSON if URL is not set (#94) It is a configuration error to set oauth2_fetch_user_details to true but leave oauth2_user_json_url empty. Before, this resulted in an unhandled exception in core. Now it is checked here. --- plugin.rb | 2 +- spec/plugin_spec.rb | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/plugin.rb b/plugin.rb index 3dc8f72..a7278d0 100644 --- a/plugin.rb +++ b/plugin.rb @@ -296,7 +296,7 @@ def after_authenticate(auth, existing_account: nil) #{auth["extra"].to_hash.to_yaml} LOG - if SiteSetting.oauth2_fetch_user_details? + if SiteSetting.oauth2_fetch_user_details? && SiteSetting.oauth2_user_json_url.present? if fetched_user_details = fetch_user_details(auth["credentials"]["token"], auth["uid"]) auth["uid"] = fetched_user_details[:user_id] if fetched_user_details[:user_id] auth["info"]["nickname"] = fetched_user_details[:username] if fetched_user_details[ diff --git a/spec/plugin_spec.rb b/spec/plugin_spec.rb index 640b6b9..ebd55a8 100644 --- a/spec/plugin_spec.rb +++ b/spec/plugin_spec.rb @@ -4,6 +4,8 @@ describe OAuth2BasicAuthenticator do describe "after_authenticate" do + before { SiteSetting.oauth2_user_json_url = "https://provider.com/user" } + let(:user) { Fabricate(:user) } let(:authenticator) { OAuth2BasicAuthenticator.new }