Page MenuHomePhabricator
Differential D11696

Only let users log in to an OAuth server if they can see it
ClosedPublic
Actions

Authored by epriestley on Feb 5 2015, 6:55 PM.
Tags
None
Referenced Files
F19020943: D11696.diff
Sun, Nov 23, 6:35 PM
F19007893: D11696.diff
Fri, Nov 21, 8:45 PM
F18854418: D11696.id.diff
Nov 1 2025, 12:10 AM
F18849707: D11696.diff
Oct 30 2025, 11:36 AM
F18835842: D11696.id28143.diff
Oct 26 2025, 7:25 PM
F18829826: D11696.id28143.diff
Oct 25 2025, 1:26 AM
F18790314: D11696.id28142.diff
Oct 15 2025, 1:36 PM
F18766151: D11696.id.diff
Oct 7 2025, 3:14 PM
View All Files
Subscribers
epriestley

Details

Reviewers
btrahan
Maniphest Tasks
T7169: Visibility of OAuth apps is not set correctly or is not checked correctly
Commits
Restricted Diffusion Commit
rP7213eb01e030: Only let users log in to an OAuth server if they can see it
Summary

Fixes T7169. We just weren't doing a policy-aware query. Basic idea here is that if you set an app to be visible only to specific users, those specific users are the only ones who should be able to authorize it.

In the Phacility cluster, this allows us to prevent users who haven't been invited from logging in to an instance.

Test Plan
  • Tried to log into an instance I was not a member of.
  • Logged into an instance I am a member of.

Diff Detail

Repository
rP Phabricator
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

epriestley updated this revision to Diff 28142.Feb 5 2015, 6:55 PM
epriestley retitled this revision from to Only let users log in to an OAuth server if they can see it.
epriestley updated this object.
epriestley edited the test plan for this revision. (Show Details)
epriestley added a reviewer: btrahan.
epriestley added a task: T7169: Visibility of OAuth apps is not set correctly or is not checked correctly.
Herald added a subscriber: epriestley. · View Herald TranscriptFeb 5 2015, 6:55 PM
btrahan accepted this revision.Feb 5 2015, 6:57 PM
btrahan edited edge metadata.
This revision is now accepted and ready to land.Feb 5 2015, 6:57 PM
Closed by commit rP7213eb01e030: Only let users log in to an OAuth server if they can see it (authored by epriestley, committed by epriestley). · Explain WhyFeb 5 2015, 6:57 PM
This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

PathSize
src/
applications/
oauthserver/
controller/
19 lines

Diff 28143

View Options

src/applications/oauthserver/controller/PhabricatorOAuthServerAuthController.php

Loading...
Phabricator · Built by Phacility