Add the right exceptions for BaseUrl::redirect and respect them when catching exceptions at the Trust page

This commit is contained in:
Philipp 2022-07-07 21:47:39 +02:00
parent e4a83eafb8
commit 34f2b2f558
No known key found for this signature in database
GPG Key ID: 24A7501396EB5432
4 changed files with 23 additions and 2 deletions

View File

@ -444,6 +444,10 @@ class BaseURL
* @param string $toUrl The destination URL (Default is empty, which is the default page of the Friendica node) * @param string $toUrl The destination URL (Default is empty, which is the default page of the Friendica node)
* @param bool $ssl if true, base URL will try to get called with https:// (works just for relative paths) * @param bool $ssl if true, base URL will try to get called with https:// (works just for relative paths)
* *
* @throws HTTPException\FoundException
* @throws HTTPException\MovedPermanentlyException
* @throws HTTPException\TemporaryRedirectException
*
* @throws HTTPException\InternalServerErrorException In Case the given URL is not relative to the Friendica node * @throws HTTPException\InternalServerErrorException In Case the given URL is not relative to the Friendica node
*/ */
public function redirect(string $toUrl = '', bool $ssl = false) public function redirect(string $toUrl = '', bool $ssl = false)

View File

@ -441,6 +441,12 @@ class System
* *
* @param string $url The new Location to redirect * @param string $url The new Location to redirect
* @param int $code The redirection code, which is used (Default is 302) * @param int $code The redirection code, which is used (Default is 302)
*
* @throws FoundException
* @throws MovedPermanentlyException
* @throws TemporaryRedirectException
*
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/ */
public static function externalRedirect($url, $code = 302) public static function externalRedirect($url, $code = 302)
{ {

View File

@ -29,6 +29,9 @@ use Friendica\Core\Session\Capability\IHandleSessions;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Model\User\Cookie; use Friendica\Model\User\Cookie;
use Friendica\Module\Response; use Friendica\Module\Response;
use Friendica\Network\HTTPException\FoundException;
use Friendica\Network\HTTPException\MovedPermanentlyException;
use Friendica\Network\HTTPException\TemporaryRedirectException;
use Friendica\Security\Authentication; use Friendica\Security\Authentication;
use Friendica\Util\Profiler; use Friendica\Util\Profiler;
use Friendica\Security\TwoFactor; use Friendica\Security\TwoFactor;
@ -97,7 +100,10 @@ class Trust extends BaseModule
try { try {
$this->auth->setForUser($this->app, User::getById($this->app->getLoggedInUserId()), true, true); $this->auth->setForUser($this->app, User::getById($this->app->getLoggedInUserId()), true, true);
} catch (\Exception $exception) { } catch (FoundException | TemporaryRedirectException | MovedPermanentlyException $e) {
// exception wanted!
throw $e;
} catch (\Exception $e) {
$this->logger->warning('Unexpected error during authentication.', ['user' => $this->app->getLoggedInUserId(), 'exception' => $exception]); $this->logger->warning('Unexpected error during authentication.', ['user' => $this->app->getLoggedInUserId(), 'exception' => $exception]);
} }
} }

View File

@ -304,8 +304,13 @@ class Authentication
* @param bool $interactive * @param bool $interactive
* @param bool $login_refresh * @param bool $login_refresh
* *
* @throws HTTPException\FoundException
* @throws HTTPException\MovedPermanentlyException
* @throws HTTPException\TemporaryRedirectException
* @throws HTTPException\ForbiddenException
* @throws HTTPException\InternalServerErrorException In case of Friendica specific exceptions * @throws HTTPException\InternalServerErrorException In case of Friendica specific exceptions
* @throws Exception In case of general Exceptions (like SQL Grammar exceptions) *
*/ */
public function setForUser(App $a, array $user_record, bool $login_initial = false, bool $interactive = false, bool $login_refresh = false) public function setForUser(App $a, array $user_record, bool $login_initial = false, bool $interactive = false, bool $login_refresh = false)
{ {