Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix regression on auth login.

Browse Source
This commit is contained in:
ldestailleur
2025-03-10 01:13:08 +01:00
parent d670d67668
commit 6ac206e4e8
3 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
htdocs/core/modules/oauth/generic_oauthcallback.php
View File

@@ -110,7 +110,7 @@ if ($state) {
// Add a test to check that the state parameter is provided into URL when we make the first call to ask the redirect or when we receive the callback
// but not when callback was ok and we recall the page
if ($action != 'delete' && !GETPOSTINT('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) {
if ($action != 'delete' && !GETPOST('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) {
dol_syslog("state or statewithscopeonly and/or requestedpermissionsarray are empty");
setEventMessages($langs->trans('ScopeUndefined'), null, 'errors');
if (empty($backtourl)) {
@@ -382,7 +382,7 @@ if (!GETPOST('code') && !GETPOST('error')) {
// If call back to this url was for a OAUTH2 login
if ($forlogin) {
// _SESSION['genericoauth_receivedlogin'] has been set to the key to validate the next test by function_genericoauth(), so we can make the redirect
$backtourl .= '?actionlogin=login&afteroauthloginreturn=1&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken();
$backtourl .= '?actionlogin=login&afteroauthloginreturn=generic&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken();
if (!empty($tmparray['entity'])) {
$backtourl .= '&entity='.$tmparray['entity'];
}

4
htdocs/core/modules/oauth/google_oauthcallback.php
View File

@@ -114,7 +114,7 @@ if ($state) {
// Add a test to check that the state parameter is provided into URL when we make the first call to ask the redirect or when we receive the callback
// but not when callback was ok and we recall the page
if ($action != 'delete' && !GETPOSTINT('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) {
if ($action != 'delete' && !GETPOST('afteroauthloginreturn') && (empty($statewithscopeonly) || empty($requestedpermissionsarray))) {
dol_syslog("state or statewithscopeonly and/or requestedpermissionsarray are empty");
setEventMessages($langs->trans('ScopeUndefined'), null, 'errors');
if (empty($backtourl)) {
@@ -372,7 +372,7 @@ if (!GETPOST('code')) {
// If call back to this url was for a OAUTH2 login
if ($forlogin) {
// _SESSION['googleoauth_receivedlogin'] has been set to the key to validate the next test by function_googleoauth(), so we can make the redirect
$backtourl .= '?actionlogin=login&afteroauthloginreturn=1&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken();
$backtourl .= '?actionlogin=login&afteroauthloginreturn=google&mainmenu=home'.($username ? '&username='.urlencode($username) : '').'&token='.newToken();
if (!empty($tmparray['entity'])) {
$backtourl .= '&entity='.$tmparray['entity'];
}

2
htdocs/main.inc.php
View File

@@ -983,7 +983,7 @@ if (!defined('NOLOGIN')) {
if (GETPOST('beforeoauthloginredirect') == $oauthmodetotest || GETPOST('afteroauthloginreturn') == $oauthmodetotest) {
continue;
}
dol_syslog("User did not click on link for OAuth, or is not on the OAuth return, so we disable check using ".$oauthmodetotest);
dol_syslog("User did not click on link for OAuth mode ".$oauthmodetotest.", param beforeoauthloginredirect is ".GETPOST('beforeoauthloginredirect')." and param afteroauthloginreturn is ".GETPOST('afteroauthloginreturn')." so we disable check of login for mode ".$oauthmodetotest);
foreach ($authmode as $tmpkey => $tmpval) {
if ($tmpval == $oauthmodetotest.'oauth') {
unset($authmode[$tmpkey]);