Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error when generic OAuth provider doesn't return a user ID #474

Merged
merged 1 commit into from Jun 30, 2021
Merged

Error when generic OAuth provider doesn't return a user ID #474

merged 1 commit into from Jun 30, 2021

Conversation

thebaer
Copy link
Member

@thebaer thebaer commented Jun 23, 2021

This returns an error and privately (via logs) prompts the admin to add a map_user_id config value.

Fixes #469

  • ☑ I have signed the CLA

@thebaer
Error when generic OAuth provider doesn't return a user ID
3008668 
...on the OAuth access token inspection call. This returns an error and
privately (via logs) prompts the admin to add a `map_user_id` config value.

Fixes #469
@thebaer thebaer added this to the 0.13.1 milestone Jun 23, 2021
@thebaer thebaer changed the base branch from develop to hotfix-0.13.1 June 23, 2021 16:45
@thebaer thebaer mentioned this pull request Jun 23, 2021
Closed
@thebaer
Copy link
Member Author

thebaer commented Jun 30, 2021

With documentation changes merged in writefreely/documentation#35, this is ready to merge too.

@thebaer thebaer merged commit 48075fc into hotfix-0.13.1 Jun 30, 2021
@thebaer thebaer deleted the fix-gen-oauth-empty-user-id branch June 30, 2021 14:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Milestone
0.13.1
Development

Successfully merging this pull request may close these issues.

[Security] Generic OAuth allows anyone to authenticate as a user if map_user_id is not configured correctly
1 participant
@thebaer