mirror of
https://github.com/wallabag/wallabag.git
synced 2024-11-29 20:41:03 +00:00
Cast client id to avoid PG error
If someone send a malformated client_id when trying to authenticate using the API we got a 500 if wallabag use postgres because the request send a string instead of an integer.
This commit is contained in:
parent
4d0c632c70
commit
3a2d4cf9fd
3 changed files with 34 additions and 1 deletions
|
@ -11,7 +11,7 @@ use Wallabag\UserBundle\Entity\User;
|
|||
|
||||
/**
|
||||
* @ORM\Table("oauth2_clients")
|
||||
* @ORM\Entity
|
||||
* @ORM\Entity(repositoryClass="Wallabag\ApiBundle\Repository\ClientRepository")
|
||||
*/
|
||||
class Client extends BaseClient
|
||||
{
|
||||
|
|
19
src/Wallabag/ApiBundle/Repository/ClientRepository.php
Normal file
19
src/Wallabag/ApiBundle/Repository/ClientRepository.php
Normal file
|
@ -0,0 +1,19 @@
|
|||
<?php
|
||||
|
||||
namespace Wallabag\ApiBundle\Repository;
|
||||
|
||||
use Doctrine\ORM\EntityRepository;
|
||||
|
||||
class ClientRepository extends EntityRepository
|
||||
{
|
||||
public function findOneBy(array $criteria, array $orderBy = null)
|
||||
{
|
||||
if (!empty($criteria['id'])) {
|
||||
// cast client id to be an integer to avoid postgres error:
|
||||
// "invalid input syntax for integer"
|
||||
$criteria['id'] = (int) $criteria['id'];
|
||||
}
|
||||
|
||||
return parent::findOneBy($criteria, $orderBy);
|
||||
}
|
||||
}
|
|
@ -56,6 +56,20 @@ class DeveloperControllerTest extends WallabagCoreTestCase
|
|||
$this->assertArrayHasKey('refresh_token', $data);
|
||||
}
|
||||
|
||||
public function testCreateTokenWithBadClientId()
|
||||
{
|
||||
$client = $this->getClient();
|
||||
$client->request('POST', '/oauth/v2/token', [
|
||||
'grant_type' => 'password',
|
||||
'client_id' => '$WALLABAG_CLIENT_ID',
|
||||
'client_secret' => 'secret',
|
||||
'username' => 'admin',
|
||||
'password' => 'mypassword',
|
||||
]);
|
||||
|
||||
$this->assertSame(400, $client->getResponse()->getStatusCode());
|
||||
}
|
||||
|
||||
public function testListingClient()
|
||||
{
|
||||
$this->logInAs('admin');
|
||||
|
|
Loading…
Reference in a new issue