Differential D11696 Diff 28143 src/applications/oauthserver/controller/PhabricatorOAuthServerAuthController.php
src/applications/oauthserver/controller/PhabricatorOAuthServerAuthController.php
Show All 33 Lines | public function processRequest() { | ||||
$is_authorized = false; | $is_authorized = false; | ||||
$authorization = null; | $authorization = null; | ||||
$uri = null; | $uri = null; | ||||
$name = null; | $name = null; | ||||
// one giant try / catch around all the exciting database stuff so we | // one giant try / catch around all the exciting database stuff so we | ||||
// can return a 'server_error' response if something goes wrong! | // can return a 'server_error' response if something goes wrong! | ||||
try { | try { | ||||
$client = id(new PhabricatorOAuthServerClient()) | try { | ||||
->loadOneWhere('phid = %s', $client_phid); | $client = id(new PhabricatorOAuthServerClientQuery()) | ||||
->setViewer($viewer) | |||||
->withPHIDs(array($client_phid)) | |||||
->executeOne(); | |||||
} catch (PhabricatorPolicyException $ex) { | |||||
// We require that users must be able to see an OAuth application | |||||
// in order to authorize it. This allows an application's visibility | |||||
// policy to be used to restrict authorized users. | |||||
// None of the OAuth error responses are a perfect fit for this, but | |||||
// 'invalid_client' seems closest. | |||||
return $this->buildErrorResponse( | |||||
'invalid_client', | |||||
pht('Not Authorized'), | |||||
pht('You are not authorized to authenticate.')); | |||||
} | |||||
if (!$client) { | if (!$client) { | ||||
return $this->buildErrorResponse( | return $this->buildErrorResponse( | ||||
'invalid_request', | 'invalid_request', | ||||
pht('Invalid Client Application'), | pht('Invalid Client Application'), | ||||
pht( | pht( | ||||
'Request parameter %s does not specify a valid client application.', | 'Request parameter %s does not specify a valid client application.', | ||||
phutil_tag('strong', array(), 'client_id'))); | phutil_tag('strong', array(), 'client_id'))); | ||||
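Review bot: The policy-denied branch and the `if (!$client)` branch return different error codes and messages (`invalid_client` / "Not Authorized" versus `invalid_request` / "Invalid Client Application"), so a viewer who fails the visibility policy can still tell that the `client_id` they supplied names a real application. If the visibility policy is meant to hide the application's existence as well as restrict who may authorize it, both branches should return the same response; if the distinction is intentional, record it in the comment above the `return`, for example `// Note: this response differs from the "no such client" case, so it confirms the application exists.` Should the distinct response stay, `access_denied` is the code RFC 6749 section 4.1.2.1 defines for authorization-endpoint errors, whereas `invalid_client` is a token-endpoint error from section 5.2; this assumes the controller serves the authorization endpoint, which the visible lines suggest but do not show. `processRequest()` begins and ends outside the lines shown here.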