amorfo77/sogo
1
0
Fork 0
mirror of https://github.com/inverse-inc/sogo.git synced 2026-06-26 04:14:19 +00:00
Code Issues Projects Releases Wiki Activity

fix(openid): check the userinfo mail + avoid infinite loop

Browse Source
This commit is contained in:
Hivert Quentin
2026-05-05 10:39:38 +02:00
parent 2af96d10d5
commit 93b82a0f60
2 changed files with 55 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
UI/MainUI/SOGoRootPage.m
+14
View File
@@ -685,8 +685,22 @@ static const NSString *kJwtKey = @"jwt";
code = value;
[openIdSession fetchToken: code redirect: redirectLocation];
login = [openIdSession login: @""];
if(!login)
{
//login is nil only if there's a problem with the userInfo mail parameters
response = [self responseWithStatus: 500 andString: @"Openid wrong email, check the log"];
return response;
}
if ([login length])
{
//Check if the user exist in SOGo user source (ldap or sql)
loggedInUser = [SOGoUser userWithLogin: login];
if(!loggedInUser)
{
[self logWithFormat: @"Mail returned by openid does not exist in user source: %@", login];
response = [self responseWithStatus: 500 andString: @"Openid wrong email, check the log"];
return response;
}
auth = [[WOApplication application] authenticatorInContext: context];
openIdCookie = [auth cookieWithUsername: login
andPassword: [openIdSession getToken]