If the application is configured with oauth2 without setting the user profile attributes, a login attempt leads to an exception and the application is terminated.
Steps to reproduce
Set up the application with oauth2 (e.g. using docker), but do not specify these values:
CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR
CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR
Expected behaviour
If the configuration is incomplete, a login attempt should only result in an error message for the user or the application should deactivate the OAuth2 login method at startup and log a message about the missing parameters.
Logs
app-1 | 2024-02-17T13:40:55.702Z error: uncaughtException: Cannot read properties of undefined (reading 'split')
app-1 | TypeError: Cannot read properties of undefined (reading 'split')
app-1 | at extractProfileAttribute (/hedgedoc/lib/web/auth/oauth2/index.js:46:15)
app-1 | at parseProfile (/hedgedoc/lib/web/auth/oauth2/index.js:57:20)
app-1 | at /hedgedoc/lib/web/auth/oauth2/index.js:107:21
app-1 | at passBackControl (/hedgedoc/node_modules/oauth/lib/oauth2.js:134:9)
app-1 | at IncomingMessage.<anonymous> (/hedgedoc/node_modules/oauth/lib/oauth2.js:157:7)
app-1 | at IncomingMessage.emit (node:events:526:35)
app-1 | at endReadableNT (node:internal/streams/readable:1376:12)
app-1 | at process.processTicksAndRejections (node:internal/process/task_queues:82:21)
app-1 | 2024-02-17T13:40:55.702Z error: An uncaught exception has occured.
app-1 | 2024-02-17T13:40:55.702Z error: Cannot read properties of undefined (reading 'split')
app-1 | 2024-02-17T13:40:55.702Z error: Process will exit now.
Config
Using docker compose environment values for app:
- CMD_OAUTH2_AUTHORIZATION_URL=https://[...]
- CMD_OAUTH2_TOKEN_URL=https://[...]
- CMD_OAUTH2_USER_PROFILE_URL=https://[...]
- CMD_OAUTH2_CLIENT_ID=[...]
- CMD_OAUTH2_CLIENT_SECRET=[...]
- CMD_OAUTH2_PROVIDERNAME=[...]
The following values have not been added to the configuration:
- CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR
- CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR
- CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR
Your Setup
docker compose, using quay.io/hedgedoc/hedgedoc:1.9.9
Additional context
https://github.com/joachimmathes/hedgedoc/blob/master/lib/web/auth/oauth2/index.js#L53-L55
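The two behaviours requested under "Expected behaviour" (disable OAuth2 at startup with a log message, or fail the single login instead of the process) can be sketched as follows. This is an added example, not HedgeDoc's code: the function names are hypothetical, and it assumes each `*_ATTR` value is a dot-separated path into the provider's profile JSON, as the `split` call in the trace suggests.

```javascript
// Added example, not HedgeDoc's implementation. Function names are hypothetical.
const REQUIRED_PROFILE_ATTRS = [
  'CMD_OAUTH2_USER_PROFILE_USERNAME_ATTR',
  'CMD_OAUTH2_USER_PROFILE_DISPLAY_NAME_ATTR',
  'CMD_OAUTH2_USER_PROFILE_EMAIL_ATTR'
]

// Startup check: names of required variables that are unset or blank.
function missingProfileAttrs (env) {
  return REQUIRED_PROFILE_ATTRS.filter(
    (name) => typeof env[name] !== 'string' || env[name].trim() === ''
  )
}

// Decide at startup whether the OAuth2 login method may be offered.
function oauth2Enabled (env, log = console.warn) {
  if (!env.CMD_OAUTH2_CLIENT_ID) return false // OAuth2 not configured at all
  const missing = missingProfileAttrs(env)
  if (missing.length > 0) {
    log(`OAuth2 login disabled, missing: ${missing.join(', ')}`)
    return false
  }
  return true
}

// Request-time lookup that never throws. Assumption: `path` is a
// dot-separated path into the profile object returned by the provider.
function extractProfileAttribute (profile, path) {
  if (typeof path !== 'string' || path === '') return undefined
  let node = profile
  for (const segment of path.split('.')) {
    const isObject = node !== null && typeof node === 'object'
    // Own properties only, so inherited keys such as `constructor` never resolve.
    if (!isObject || !Object.prototype.hasOwnProperty.call(node, segment)) {
      return undefined
    }
    node = node[segment]
  }
  return node
}

// Constructed sample: the environment from the report, profile attributes unset.
const reportedEnv = { CMD_OAUTH2_CLIENT_ID: 'example-client' }
console.log(oauth2Enabled(reportedEnv)) // logs the three missing names, then false
```

A caller that receives `undefined` from `extractProfileAttribute` should reject that one login with an error response, so a configuration gap cannot take the whole process down.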