
Fixed issue #2128 - Route for /auth/failure is missing to show login failure messages from oauth provider (if the request was technically ok - only the login was not possible at the oauth provider).

Martin Edenhofer 6 years ago
parent
commit
213f2d153f

+ 2 - 0
app/controllers/application_controller/handles_errors.rb

@@ -45,7 +45,9 @@ module ApplicationController::HandlesErrors
     respond_to do |format|
       format.json { render json: humanize_error(e.message), status: status }
       format.any do
+        errors = humanize_error(e.message)
         @exception = e
+        @message = errors[:error_human] || errors[:error] || param[:message]
         @traceback = !Rails.env.production?
         file = File.open(Rails.root.join('public', "#{status_code}.html"), 'r')
         render inline: file.read, status: status
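Review bot: `param[:message]` on the second added line looks like a typo for `params[:message]`; it is the last alternative in the `||` chain, so it only runs when `humanize_error` returns neither `:error_human` nor `:error`, which the test added in this commit does not exercise, and when it does run it raises NoMethodError from inside the error handler itself (unless a `param` helper exists in this module, which the hunk does not show). Proposed: `@message = errors[:error_human] || errors[:error] || params[:message]`. Note also that the chain assumes `humanize_error` returns a Hash; if it can return a String, `errors[:error_human]` raises TypeError. The rescue method this hunk belongs to starts before the hunk.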

+ 5 - 1
app/controllers/sessions_controller.rb

@@ -2,7 +2,7 @@
 
 class SessionsController < ApplicationController
   prepend_before_action :authentication_check, only: %i[switch_to_user list delete]
-  skip_before_action :verify_csrf_token, only: %i[create show destroy create_omniauth create_sso]
+  skip_before_action :verify_csrf_token, only: %i[create show destroy create_omniauth failure_omniauth create_sso]
 
   # "Create" a login, aka "log the user in"
   def create
@@ -165,6 +165,10 @@ class SessionsController < ApplicationController
     redirect_to '/'
   end
 
+  def failure_omniauth
+    raise Exceptions::UnprocessableEntity, "Message from #{params[:strategy]}: #{params[:message]}"
+  end
+
   def create_sso
 
     # in case, remove switched_from_user_id
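Review bot: `failure_omniauth` interpolates `params[:strategy]` and `params[:message]` verbatim into the exception text, and the route behind it (`/auth/failure`, GET or POST, with the CSRF check skipped in the first hunk) needs no authentication, so any visitor can make the 422 page display a message of their choosing; the error pages output it through the escaping `<%= %>`, so this is text injection under the application's own layout rather than script injection, but it is worth bounding. If the list of enabled OmniAuth providers is reachable from the controller, checking `params[:strategy]` against it before raising would limit what can be reflected; OmniAuth itself normally sends a short message key here, so rendering only known keys would be even tighter (verify against the OmniAuth version in use). The method should also carry the kind of comment its neighbours have, e.g. `# OmniAuth redirects here when a provider login fails; strategy/message come from the query string and are untrusted`. `create_sso` continues outside the hunk.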

+ 1 - 0
config/routes/auth.rb

@@ -3,6 +3,7 @@ Zammad::Application.routes.draw do
 
   # omniauth
   match '/auth/:provider/callback',         to: 'sessions#create_omniauth',      via: %i[post get puts delete]
+  match '/auth/failure',                    to: 'sessions#failure_omniauth',     via: %i[post get]
 
   # sso
   match '/auth/sso',                        to: 'sessions#create_sso',           via: %i[post get]

+ 3 - 0
public/401.html

@@ -5,6 +5,9 @@
 <link rel="stylesheet" href="/assets/error/style.css">
 <body <% if @traceback %>class="error-message"<% end %>>
   <h1>401: Unauthorized</h1>
+<% if @message.present? %>
+  <div><%= @message %></div>
+<% end %>
 <% if !@traceback %>
   <div class="error-image" style="background-image: url(/assets/error/error-1.svg)"></div>
   <p>Sorry, but you're not allowed to access this page. If you're registered please log in and refresh this page.</p>
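Review bot: `<%= @message %>` renders text that, via `sessions#failure_omniauth`, originates from unauthenticated query parameters; it is safe only because `<%=` in a Rails ERB template HTML-escapes its value, so `@message` must never be marked `html_safe` upstream or these pages become a reflected-XSS sink. The same addition appears in public/404.html and public/422.html. A short reminder next to the tag, e.g. `<%# @message may hold user-supplied text; keep the escaping output form %>`, would make that constraint visible to the next editor of these files.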

+ 3 - 0
public/404.html

@@ -5,6 +5,9 @@
 <link rel="stylesheet" href="/assets/error/style.css">
 <body <% if @traceback %>class="error-message"<% end %>>
   <h1>404: Requested Ressource was not found.</h1>
+<% if @message.present? %>
+  <div><%= @message %></div>
+<% end %>
 <% if !@traceback %>
   <div class="error-image" style="background-image: url(/assets/error/error-2.svg)"></div>
   <p>Sorry, but the Phoenix is not able to find your ressource. Try checking the URL for errors.</p>

+ 3 - 0
public/422.html

@@ -5,6 +5,9 @@
 <link rel="stylesheet" href="/assets/error/style.css">
 <body <% if @traceback %>class="error-message"<% end %>>
   <h1>422: The change you wanted was rejected.</h1>
+<% if @message.present? %>
+  <div><%= @message %></div>
+<% end %>
 <% if !@traceback %>
   <div class="error-image" style="background-image: url(/assets/error/error-1.svg)"></div>
   <p>Maybe you tried to change something you didn't have access to.</p>

+ 29 - 0
test/controllers/o_auth_controller_test.rb

@@ -0,0 +1,29 @@
+
+require 'test_helper'
+
+class OAuthControllerTest < ActionDispatch::IntegrationTest
+
+  test 'o365 - start' do
+    get '/auth/microsoft_office365', params: {}
+    assert_response(302)
+    assert_match('https://login.microsoftonline.com/common/oauth2/v2.0/authorize', @response.body)
+    assert_match('redirect_uri=http%3A%2F%2Fzammad.example.com%2Fauth%2Fmicrosoft_office365%2Fcallback', @response.body)
+    assert_match('scope=openid+email+profile', @response.body)
+    assert_match('response_type=code', @response.body)
+  end
+
+  test 'o365 - callback' do
+    get '/auth/microsoft_office365/callback?code=1234&state=1234', params: {}
+    assert_response(302)
+    assert_match('302 Moved', @response.body)
+  end
+
+  test 'auth failure' do
+    get '/auth/failure?message=123&strategy=some_provider', params: {}
+    assert_response(422)
+    assert_match('<title>422: Unprocessable Entity</title>', @response.body)
+    assert_match('<h1>422: The change you wanted was rejected.</h1>', @response.body)
+    assert_match('<div>Message from some_provider: 123</div>', @response.body)
+  end
+
+end
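Review bot: The `'auth failure'` test pins that the reflected text reaches the page but not that it is escaped, which is the property that keeps `/auth/failure` from being an XSS vector; a second test sending HTML metacharacters in `message` would lock that in. The two o365 tests also depend on the microsoft_office365 provider being configured and on the host `zammad.example.com`, but no setup for either is visible in this file, so they presumably rely on fixtures elsewhere. Proposed additional test:
```ruby
  test 'auth failure - message is html escaped' do
    get '/auth/failure?message=%3Cb%3E123%3C%2Fb%3E&strategy=some_provider', params: {}
    assert_response(422)
    assert_match('&lt;b&gt;123&lt;/b&gt;', @response.body)
    assert_no_match(%r{<b>123</b>}, @response.body)
  end
```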