Merge "XsrfCookieFilter: handle null XGerritAuth"
commit
53aa25a041
@ -44,6 +44,7 @@ import com.google.gerrit.client.ui.LinkMenuItem;
|
|||||||
import com.google.gerrit.client.ui.MorphingTabPanel;
|
import com.google.gerrit.client.ui.MorphingTabPanel;
|
||||||
import com.google.gerrit.client.ui.ProjectLinkMenuItem;
|
import com.google.gerrit.client.ui.ProjectLinkMenuItem;
|
||||||
import com.google.gerrit.client.ui.Screen;
|
import com.google.gerrit.client.ui.Screen;
|
||||||
|
import com.google.gerrit.common.Nullable;
|
||||||
import com.google.gerrit.common.PageLinks;
|
import com.google.gerrit.common.PageLinks;
|
||||||
import com.google.gerrit.common.data.HostPageData;
|
import com.google.gerrit.common.data.HostPageData;
|
||||||
import com.google.gerrit.common.data.SystemInfoService;
|
import com.google.gerrit.common.data.SystemInfoService;
|
||||||
@ -287,6 +288,7 @@ public class Gerrit implements EntryPoint {
|
|||||||
}
|
}
|
||||||
|
|
||||||
/** @return access token to prove user identity during REST API calls. */
|
/** @return access token to prove user identity during REST API calls. */
|
||||||
|
@Nullable
|
||||||
public static String getXGerritAuth() {
|
public static String getXGerritAuth() {
|
||||||
return xGerritAuth;
|
return xGerritAuth;
|
||||||
}
|
}
|
||||||
|
@ -18,6 +18,7 @@ import static java.util.concurrent.TimeUnit.HOURS;
|
|||||||
|
|
||||||
import com.google.common.base.Strings;
|
import com.google.common.base.Strings;
|
||||||
import com.google.gerrit.common.data.HostPageData;
|
import com.google.gerrit.common.data.HostPageData;
|
||||||
|
import com.google.gerrit.common.Nullable;
|
||||||
import com.google.gerrit.httpd.WebSessionManager.Key;
|
import com.google.gerrit.httpd.WebSessionManager.Key;
|
||||||
import com.google.gerrit.httpd.WebSessionManager.Val;
|
import com.google.gerrit.httpd.WebSessionManager.Val;
|
||||||
import com.google.gerrit.reviewdb.client.Account;
|
import com.google.gerrit.reviewdb.client.Account;
|
||||||
@ -109,6 +110,7 @@ public abstract class CacheBasedWebSession implements WebSession {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@Nullable
|
||||||
public String getXGerritAuth() {
|
public String getXGerritAuth() {
|
||||||
return isSignedIn() ? val.getAuth() : null;
|
return isSignedIn() ? val.getAuth() : null;
|
||||||
}
|
}
|
||||||
|
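Review bot: The new `import com.google.gerrit.common.Nullable;` is placed after `com.google.gerrit.common.data.HostPageData`, whereas the Gerrit.java hunk of this same commit puts it before `com.google.gerrit.common.PageLinks` and `common.data.HostPageData`. If the project sorts imports in ASCII order, as the other hunks suggest, the line belongs directly above the `HostPageData` import here as well. The change to `getXGerritAuth()` itself is only the added `@Nullable`, which matches the existing `isSignedIn() ? val.getAuth() : null` return.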
@ -14,6 +14,7 @@
|
|||||||
|
|
||||||
package com.google.gerrit.httpd;
|
package com.google.gerrit.httpd;
|
||||||
|
|
||||||
|
import com.google.gerrit.common.Nullable;
|
||||||
import com.google.gerrit.reviewdb.client.Account;
|
import com.google.gerrit.reviewdb.client.Account;
|
||||||
import com.google.gerrit.reviewdb.client.AccountExternalId;
|
import com.google.gerrit.reviewdb.client.AccountExternalId;
|
||||||
import com.google.gerrit.server.AccessPath;
|
import com.google.gerrit.server.AccessPath;
|
||||||
@ -22,7 +23,7 @@ import com.google.gerrit.server.account.AuthResult;
|
|||||||
|
|
||||||
public interface WebSession {
|
public interface WebSession {
|
||||||
boolean isSignedIn();
|
boolean isSignedIn();
|
||||||
String getXGerritAuth();
|
@Nullable String getXGerritAuth();
|
||||||
boolean isValidXGerritAuth(String keyIn);
|
boolean isValidXGerritAuth(String keyIn);
|
||||||
AccountExternalId.Key getLastLoginExternalId();
|
AccountExternalId.Key getLastLoginExternalId();
|
||||||
CurrentUser getUser();
|
CurrentUser getUser();
|
||||||
|
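Review bot: `@Nullable String getXGerritAuth();` still has no Javadoc, so callers and implementers of the interface cannot tell from it when null is returned. The CacheBasedWebSession hunk on this page returns null when `isSignedIn()` is false; stating that on the interface, for example `/** @return the XSRF token of the signed-in session, or {@code null} when no user is signed in. */`, would make the contract explicit. It may also be worth documenting whether `isValidXGerritAuth(String keyIn)` tolerates a null `keyIn`, which the visible lines do not show. The interface body continues outside the hunk.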
@ -14,6 +14,8 @@
|
|||||||
|
|
||||||
package com.google.gerrit.httpd;
|
package com.google.gerrit.httpd;
|
||||||
|
|
||||||
|
import static com.google.common.base.Strings.nullToEmpty;
|
||||||
|
|
||||||
import com.google.gerrit.common.data.HostPageData;
|
import com.google.gerrit.common.data.HostPageData;
|
||||||
import com.google.gerrit.extensions.registration.DynamicItem;
|
import com.google.gerrit.extensions.registration.DynamicItem;
|
||||||
import com.google.gerrit.server.CurrentUser;
|
import com.google.gerrit.server.CurrentUser;
|
||||||
@ -61,11 +63,11 @@ public class XsrfCookieFilter implements Filter {
|
|||||||
|
|
||||||
private void setXsrfTokenCookie(HttpServletRequest req,
|
private void setXsrfTokenCookie(HttpServletRequest req,
|
||||||
HttpServletResponse rsp, WebSession session) {
|
HttpServletResponse rsp, WebSession session) {
|
||||||
String v = session != null ? session.getXGerritAuth() : "";
|
String v = session != null ? session.getXGerritAuth() : null;
|
||||||
Cookie c = new Cookie(HostPageData.XSRF_COOKIE_NAME, v);
|
Cookie c = new Cookie(HostPageData.XSRF_COOKIE_NAME, nullToEmpty(v));
|
||||||
c.setPath("/");
|
c.setPath("/");
|
||||||
c.setSecure(authConfig.getCookieSecure() && isSecure(req));
|
c.setSecure(authConfig.getCookieSecure() && isSecure(req));
|
||||||
c.setMaxAge(session != null
|
c.setMaxAge(v != null
|
||||||
? -1 // Set the cookie for this browser session.
|
? -1 // Set the cookie for this browser session.
|
||||||
: 0); // Remove the cookie (expire immediately).
|
: 0); // Remove the cookie (expire immediately).
|
||||||
rsp.addCookie(c);
|
rsp.addCookie(c);
|
||||||
|
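Review bot: The cookie's lifetime is decided by `v != null` while its value is `nullToEmpty(v)`, so an empty but non-null token from `session.getXGerritAuth()` would still be stored as a session cookie with an empty value instead of being expired. If an empty token is possible, both should key on the same test, e.g. `c.setMaxAge(Strings.isNullOrEmpty(v) ? 0 : -1);`. A short comment above the first changed line, such as `// A null token means no signed-in user: send an empty cookie that expires immediately.`, would also record why a non-null session can now clear the cookie. The end of setXsrfTokenCookie lies outside the hunk.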