Backup_Repos/komga
1
0
Fork 0
mirror of https://github.com/gotson/komga.git synced 2026-05-08 21:00:16 +02:00
Code Issues Projects Releases Wiki Activity

fix: NPE when email_verified claim is missing in OIDC request

Browse source 
Closes: #1054
This commit is contained in:
Gauthier Roebroeck 2023-01-27 16:20:49 +08:00
parent 781d839702
commit 72e5fd9c9a
3 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ERRORCODES.md
View file

@ -30,3 +30,5 @@ ERR_1023 | Book already present in ReadingList
ERR_1024 | OAuth2 login error: no email attribute ERR_1024 | OAuth2 login error: no email attribute
ERR_1025 | OAuth2 login error: no local user exist with that email ERR_1025 | OAuth2 login error: no local user exist with that email
ERR_1026 | OpenIDConnect login error: email not verified ERR_1026 | OpenIDConnect login error: email not verified
ERR_1027 | OpenIDConnect login error: no email_verified attribute
ERR_1028 | OpenIDConnect login error: no email attribute

4
komga-webui/src/locales/en.json
View file

@ -655,7 +655,9 @@
"ERR_1023": "Book already present in ReadingList", "ERR_1023": "Book already present in ReadingList",
"ERR_1024": "OAuth2 login error: no email attribute", "ERR_1024": "OAuth2 login error: no email attribute",
"ERR_1025": "OAuth2 login error: no local user exist with that email", "ERR_1025": "OAuth2 login error: no local user exist with that email",
"ERR_1026": "OpenID Connect login error: email not verified" "ERR_1026": "OpenID Connect login error: email not verified",
"ERR_1027": "OpenID Connect login error: no email_verified attribute",
"ERR_1028": "OpenID Connect login error: no email attribute"
}, },
"filter": { "filter": {
"age_rating": "age rating", "age_rating": "age rating",

4
komga/src/main/kotlin/org/gotson/komga/infrastructure/security/oauth2/KomgaOAuth2UserServiceConfiguration.kt
View file

@ -56,7 +56,9 @@ class KomgaOAuth2UserServiceConfiguration(
return OAuth2UserService { userRequest: OidcUserRequest -> return OAuth2UserService { userRequest: OidcUserRequest ->
val oidcUser = delegate.loadUser(userRequest) val oidcUser = delegate.loadUser(userRequest)
if (!oidcUser.emailVerified) throw OAuth2AuthenticationException("ERR_1026") if (oidcUser.email == null) throw OAuth2AuthenticationException("ERR_1028")
if (oidcUser.emailVerified == null) throw OAuth2AuthenticationException("ERR_1027")
if (oidcUser.emailVerified == false) throw OAuth2AuthenticationException("ERR_1026")
val existingUser = userRepository.findByEmailIgnoreCaseOrNull(oidcUser.email) val existingUser = userRepository.findByEmailIgnoreCaseOrNull(oidcUser.email)
?: tryCreateNewUser(oidcUser.email) ?: tryCreateNewUser(oidcUser.email)