Commit 83e4cf3d authored by Jean-Baptiste Barth's avatar Jean-Baptiste Barth

Prevent 500 error on login when there's a typo in OpenID URI scheme, such as http;// or http.//

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3933 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 52c624aa
......@@ -67,6 +67,13 @@ class AccountControllerTest < ActionController::TestCase
assert_redirected_to 'my/page'
end
def test_login_with_invalid_openid_provider
Setting.self_registration = '0'
Setting.openid = '1'
post :login, :openid_url => 'http;//openid.example.com/good_user'
assert_redirected_to home_url
end
def test_login_with_openid_for_existing_non_active_user
Setting.self_registration = '2'
Setting.openid = '1'
......
......@@ -89,7 +89,7 @@ module OpenIdAuthentication
begin
uri = URI.parse(identifier)
uri.scheme = uri.scheme.downcase # URI should do this
uri.scheme = uri.scheme.downcase if uri.scheme # URI should do this
identifier = uri.normalize.to_s
rescue URI::InvalidURIError
raise InvalidOpenId.new("#{identifier} is not an OpenID identifier")
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment