diff --git a/app/Http/Controllers/OAuth2/OAuth2ProviderController.php b/app/Http/Controllers/OAuth2/OAuth2ProviderController.php index 8d0ef625..0c3dd1e5 100644 --- a/app/Http/Controllers/OAuth2/OAuth2ProviderController.php +++ b/app/Http/Controllers/OAuth2/OAuth2ProviderController.php @@ -16,7 +16,7 @@ use App\Http\Controllers\Controller; use Illuminate\Support\Facades\Input; use Illuminate\Support\Facades\Response; use Illuminate\Support\Facades\View; -use OAuth2\Exceptions\UriNotAllowedException; +use OAuth2\Exceptions\OAuth2BaseException; use OAuth2\Factories\OAuth2AuthorizationRequestFactory; use OAuth2\IOAuth2Protocol; use OAuth2\OAuth2Message; @@ -26,13 +26,13 @@ use OAuth2\Requests\OAuth2LogoutRequest; use OAuth2\Requests\OAuth2TokenRequest; use OAuth2\Requests\OAuth2TokenRevocationRequest; use OAuth2\Responses\OAuth2Response; -use OAuth2\Services\IClientService; use OAuth2\Strategies\OAuth2ResponseStrategyFactoryMethod; use Utils\Http\HttpContentType; use Utils\Services\IAuthService; use Illuminate\Support\Facades\Request; use Illuminate\Support\Facades\Log; use Illuminate\Support\Facades\Redirect; +use Exception; /** * Class OAuth2ProviderController @@ -104,7 +104,7 @@ final class OAuth2ProviderController extends Controller return $response; } - catch(UriNotAllowedException $ex1) + catch(OAuth2BaseException $ex1) { return Response::view ( @@ -117,6 +117,20 @@ final class OAuth2ProviderController extends Controller 400 ); } + catch(Exception $ex) + { + Log::error($ex); + return Response::view + ( + 'errors.400', + array + ( + 'error_code' => "Generic Error", + 'error_description' => "Generic Error" + ), + 400 + ); + } } /** diff --git a/app/libs/OAuth2/Strategies/OAuth2IndirectErrorResponseFactoryMethod.php b/app/libs/OAuth2/Strategies/OAuth2IndirectErrorResponseFactoryMethod.php index b68dcc73..36218a52 100644 --- a/app/libs/OAuth2/Strategies/OAuth2IndirectErrorResponseFactoryMethod.php 
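Review bot: Widening the handler to `catch(OAuth2BaseException $ex1)` (hunk at -104,7) means every protocol exception, not only a rejected redirect URI, now supplies the text rendered by the `errors.400` view, so that template has to HTML-escape both fields. The array passed to the view sits between this hunk and the next and is not visible here; presumably it carries the exception's message or description. Messages such as the one built with `sprintf` in OAuth2IndirectErrorResponseFactoryMethod (hunk at -68,7) may embed values taken from the request, which is why the escaping matters. A comment above the catch would record the intent: `// Protocol errors are rendered locally, never redirected; the view must escape error_description.`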
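Review bot: The new `catch(Exception $ex)` branch (hunk at -117,6) answers any unexpected failure with status 400, which reports a server-side fault as a client error and keeps it out of 5xx monitoring. Returning a fixed generic text is the right choice, since it keeps exception detail out of the response while `Log::error($ex)` preserves it, but the code and status should say what happened: `'error_code' => 'server_error',` with `500` as the status argument. If request parameters can end up in the logged exception, confirm that the log does not retain client secrets or authorization codes. The enclosing method begins above the previous hunk, so the try body is not visible here.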
+++ b/app/libs/OAuth2/Strategies/OAuth2IndirectErrorResponseFactoryMethod.php @@ -14,6 +14,7 @@ **/ use Exception; +use OAuth2\Exceptions\UnsupportedResponseTypeException; use OAuth2\Requests\OAuth2Request; use OAuth2\Responses\OAuth2IndirectErrorResponse; use OAuth2\Responses\OAuth2IndirectFragmentErrorResponse; @@ -68,7 +69,7 @@ final class OAuth2IndirectErrorResponseFactoryMethod ); } - throw new Exception + throw new UnsupportedResponseTypeException ( sprintf ( diff --git a/tests/OAuth2ProtocolTest.php b/tests/OAuth2ProtocolTest.php index 4c0103d8..d5332b79 100644 --- a/tests/OAuth2ProtocolTest.php +++ b/tests/OAuth2ProtocolTest.php @@ -78,6 +78,33 @@ class OAuth2ProtocolTest extends OpenStackIDBaseTest } + /** + * Get Auth Code Test + */ + public function testAuthCodeNoResponseType() + { + + $client_id = 'Jiz87D8/Vcvr6fvQbH4HyNgwTlfSyQ3x.openstack.client'; + + $params = array( + 'client_id' => $client_id, + 'redirect_uri' => 'https://www.test.com/oauth2', + 'response_type' => '', + 'scope' => sprintf('%s/resource-server/read', $this->current_realm), + ); + + $response = $this->action("POST", "OAuth2\OAuth2ProviderController@auth", + $params, + array(), + array(), + array()); + + $this->assertResponseStatus(400); + + + } + + /** * Get Auth Code Test */ @@ -109,8 +136,6 @@ class OAuth2ProtocolTest extends OpenStackIDBaseTest )); $this->assertResponseStatus(302); - - } public function testAuthCodeInvalidRedirectUri()
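Review bot: In `testAuthCodeNoResponseType` (hunk at -78,6) the only check is `$this->assertResponseStatus(400);`, and both catch branches of the controller return 400, so the test passes even when the empty `response_type` is swallowed by the generic handler instead of being reported as an OAuth2 error. That would happen, for instance, if UnsupportedResponseTypeException does not extend OAuth2BaseException, which this diff does not show. The assigned `$response` is never used; asserting that its body does not contain `Generic Error` would pin the intended branch. The docblock is copied from the next test and should read something like `Auth request with an empty response_type must be rejected with HTTP 400`.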