[MediaWiki-commits] [Gerrit] mediawiki...XenForoAuth[master]: Fix access a non-object when no data provided by XenForo

Wed, 31 May 2017 09:59:15 -0700 

jenkins-bot has submitted this change and it was merged. ( 
https://gerrit.wikimedia.org/r/354037 )

Change subject: Fix access a non-object when no data provided by XenForo
......................................................................


Fix access a non-object when no data provided by XenForo

Until now, the extension expected, that XenForo returns data in any
case. However, in some circumstances, the Xenforo API seems to return
a non-OK status code (e.g. 403) when trying to retrieve information about
the current user, even if an oauth_token is provided. This case
is now handled with this commit, with an error message that indicates,
that there was a problem with the external site and, if provided, an
error message.

Bug: T165517
Change-Id: I378610dd11b2fc0c9e1ee029f96039e3d305c9a8
---
M i18n/en.json
M i18n/qqq.json
M includes/auth/XenForoPrimaryAuthenticationProvider.php
3 files changed, 8 insertions(+), 0 deletions(-)

Approvals:
  Florianschmidtwelzow: Looks good to me, approved
  jenkins-bot: Verified



diff --git a/i18n/en.json b/i18n/en.json
index 434bee7..40e6c3b 100644
--- a/i18n/en.json
+++ b/i18n/en.json
@@ -9,6 +9,7 @@
        "xenforoauth-create": "Create with XenForo",
        "xenforoauth-desc": "Allow users to login with a XenForo account",
        "xenforoauth-generic-error": "Oops, there was an error. Please go back 
and try again. Message: $1",
+       "xenforoauth-external-error": "The external site refused to 
authenticate you or encountered an error. Please try it again or contact the 
administrator of the site. The message was: $1",
        "xenforoauth-form-merge": "Link XenForo to wiki account",
        "xenforoauth-form-unlink": "Unlink XenForo from wiki account",
        "xenforoauth-link-other": "Your XenForo account is already linked to 
another user. Please unlink the connection or contact an administrator, if you 
have no other wiki account.",
diff --git a/i18n/qqq.json b/i18n/qqq.json
index 58fde88..91f4fed 100644
--- a/i18n/qqq.json
+++ b/i18n/qqq.json
@@ -14,6 +14,7 @@
        "xenforoauth-create": "Used as label for the button shown in 
[[Special:CreateAccount]].",
        "xenforoauth-desc": 
"{{desc|name=XenForoAuth|url=https://www.mediawiki.org/wiki/Extension:XenForoAuth}}";,
        "xenforoauth-generic-error": "Generic error message for errors with no 
specific error message.\n\nParameters:\n* $1 - a short description of the error 
(e.g. Database error)",
+       "xenforoauth-external-error": "Error message if the request to the 
external site results in an error and no data could be refused. This message is 
used to indicate, that the problem is most likely related to the third party 
authentication site, not this wiki.\n* $1 - The error message provided by the 
external site, if there was one.",
        "xenforoauth-form-merge": "Title of button to merge the wikiaccount and 
XenForo account, if the user is logged into a wikiaccount (and not connected to 
a XenForo account) and navigates to Special:XenForoLogin.",
        "xenforoauth-form-unlink": "Title of button to unlink the connection 
between the wiki user account and XenForo account.",
        "xenforoauth-link-other": "The XenForo account is already linked to a 
wiki user, but not to the actual logged in wiki user. To link the XenForo 
account with the actual wiki account, the user must unlink the connection wit 
the other wiki account, only one connection per XenForo account is allowed.",
diff --git a/includes/auth/XenForoPrimaryAuthenticationProvider.php 
b/includes/auth/XenForoPrimaryAuthenticationProvider.php
index 6efa62a..200cb10 100644
--- a/includes/auth/XenForoPrimaryAuthenticationProvider.php
+++ b/includes/auth/XenForoPrimaryAuthenticationProvider.php
@@ -53,6 +53,12 @@
 
                try {
                        $userInfo = $xfUser->get( 'me' );
+                       if ( $userInfo === false ) {
+                               $errors = implode( $xfUser->getErrors(), ', ' );
+                               return AuthenticationResponse::newFail(
+                                       wfMessage( 
'xenforoauth-external-error', $errors )
+                               );
+                       }
                        $connectedUser = XenForoUser::getUserFromXFUserId( 
$userInfo['user']['user_id'] );
                        $mwUser = User::newFromName( 
$userInfo['user']['username'] );
                        if ( $connectedUser ) {

-- 
To view, visit https://gerrit.wikimedia.org/r/354037
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I378610dd11b2fc0c9e1ee029f96039e3d305c9a8
Gerrit-PatchSet: 2
Gerrit-Project: mediawiki/extensions/XenForoAuth
Gerrit-Branch: master
Gerrit-Owner: Florianschmidtwelzow <[email protected]>
Gerrit-Reviewer: Florianschmidtwelzow <[email protected]>
Gerrit-Reviewer: Siebrand <[email protected]>
Gerrit-Reviewer: jenkins-bot <>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

Reply via email to