mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-14 10:43:50 +01:00
Handle an empty cookie as an invalid macaroon. (#9620)
* Handle an empty cookie as an invalid macaroon. * Newsfragment
This commit is contained in:
parent
dd69110d95
commit
1383508f29
2 changed files with 3 additions and 1 deletions
1
changelog.d/9620.bugfix
Normal file
1
changelog.d/9620.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Fix a bug introduced in v1.28.0 where the OpenID Connect callback endpoint could error with a `MacaroonInitException`.
|
|
@ -29,6 +29,7 @@ from authlib.oidc.discovery import OpenIDProviderMetadata, get_well_known_url
|
||||||
from jinja2 import Environment, Template
|
from jinja2 import Environment, Template
|
||||||
from pymacaroons.exceptions import (
|
from pymacaroons.exceptions import (
|
||||||
MacaroonDeserializationException,
|
MacaroonDeserializationException,
|
||||||
|
MacaroonInitException,
|
||||||
MacaroonInvalidSignatureException,
|
MacaroonInvalidSignatureException,
|
||||||
)
|
)
|
||||||
from typing_extensions import TypedDict
|
from typing_extensions import TypedDict
|
||||||
|
@ -217,7 +218,7 @@ class OidcHandler:
|
||||||
session_data = self._token_generator.verify_oidc_session_token(
|
session_data = self._token_generator.verify_oidc_session_token(
|
||||||
session, state
|
session, state
|
||||||
)
|
)
|
||||||
except (MacaroonDeserializationException, KeyError) as e:
|
except (MacaroonInitException, MacaroonDeserializationException, KeyError) as e:
|
||||||
logger.exception("Invalid session for OIDC callback")
|
logger.exception("Invalid session for OIDC callback")
|
||||||
self._sso_handler.render_error(request, "invalid_session", str(e))
|
self._sso_handler.render_error(request, "invalid_session", str(e))
|
||||||
return
|
return
|
||||||
|
|
Loading…
Reference in a new issue