mirror of
https://github.com/0rangebananaspy/authelia.git
synced 2024-09-14 22:47:21 +07:00
[BUGFIX] Prevent crash when email has not been set (#1466)
* [BUGFIX] Prevent crash when email has not been set
a83ccd7188
introduced a regression where if a misconfigured deployment presented an empty emails array setting `Remote-*` headers would fail.
If the emails array is empty we now set the `Remote-Email` header to an empty string.
* Add additional case for unit tests
This commit is contained in:
parent
8e32a4b65f
commit
50df949520
|
@ -159,7 +159,12 @@ func setForwardedHeaders(headers *fasthttp.ResponseHeader, username, name string
|
|||
headers.Set(remoteUserHeader, username)
|
||||
headers.Set(remoteGroupsHeader, strings.Join(groups, ","))
|
||||
headers.Set(remoteNameHeader, name)
|
||||
headers.Set(remoteEmailHeader, emails[0])
|
||||
|
||||
if emails != nil {
|
||||
headers.Set(remoteEmailHeader, emails[0])
|
||||
} else {
|
||||
headers.Set(remoteEmailHeader, "")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -413,6 +413,26 @@ func TestShouldVerifyFailingDetailsFetchingInBasicAuth(t *testing.T) {
|
|||
"https://test.example.com", actualStatus, expStatus)
|
||||
}
|
||||
|
||||
func TestShouldNotCrashOnEmptyEmail(t *testing.T) {
|
||||
mock := mocks.NewMockAutheliaCtx(t)
|
||||
defer mock.Close()
|
||||
|
||||
userSession := mock.Ctx.GetSession()
|
||||
userSession.Username = testUsername
|
||||
userSession.Emails = nil
|
||||
userSession.AuthenticationLevel = authentication.OneFactor
|
||||
mock.Ctx.SaveSession(userSession) //nolint:errcheck // TODO: Legacy code, consider refactoring time permitting.
|
||||
|
||||
mock.Ctx.Request.Header.Set("X-Original-URL", "https://bypass.example.com")
|
||||
|
||||
VerifyGet(verifyGetCfg)(mock.Ctx)
|
||||
|
||||
expStatus, actualStatus := 200, mock.Ctx.Response.StatusCode()
|
||||
assert.Equal(t, expStatus, actualStatus, "URL=%s -> StatusCode=%d != ExpectedStatusCode=%d",
|
||||
"https://bypass.example.com", actualStatus, expStatus)
|
||||
assert.Equal(t, []byte(nil), mock.Ctx.Response.Header.Peek("Remote-Email"))
|
||||
}
|
||||
|
||||
type Pair struct {
|
||||
URL string
|
||||
Username string
|
||||
|
|
Loading…
Reference in New Issue
Block a user