diff options
| author | Jesse Luehrs <doy@tozt.net> | 2019-10-16 01:15:05 -0400 |
|---|---|---|
| committer | Jesse Luehrs <doy@tozt.net> | 2019-10-16 01:15:05 -0400 |
| commit | 407f5b472fbd69c86f49d4fc0c45406411477d53 (patch) | |
| tree | 15fb88ac1b8073b437fb6dc4beb2611b15cdac52 | |
| parent | 56cf6f34c7737aae4170d996f0c8027c4b363ff1 (diff) | |
| download | teleterm-407f5b472fbd69c86f49d4fc0c45406411477d53.tar.gz teleterm-407f5b472fbd69c86f49d4fc0c45406411477d53.zip | |
better error handling in client oauth login flow
| -rw-r--r-- | src/client.rs | 33 | ||||
| -rw-r--r-- | src/error.rs | 19 |
2 files changed, 35 insertions, 17 deletions
diff --git a/src/client.rs b/src/client.rs index 1375159..e351eec 100644 --- a/src/client.rs +++ b/src/client.rs @@ -356,13 +356,17 @@ impl<S: tokio::io::AsyncRead + tokio::io::AsyncWrite + Send + 'static> }) .and_then(move |(buf, lines)| { let buf = buf.unwrap(); - let path = &RE.captures(&buf).unwrap()[1]; + let path = &RE + .captures(&buf) + .context(crate::error::ParseHttpRequest)?[1]; let base = url::Url::parse(&format!( "http://{}", OAUTH_LISTEN_ADDRESS )) .unwrap(); - let url = base.join(path).unwrap(); + let url = base + .join(path) + .context(crate::error::ParseHttpRequestPath)?; let mut req_code = None; let mut req_state = None; for (k, v) in url.query_pairs() { @@ -373,23 +377,18 @@ impl<S: tokio::io::AsyncRead + tokio::io::AsyncWrite + Send + 'static> req_state = Some(v.to_string()); } } - let res = if let Some(auth_state) = state { - if req_state.is_none() - || req_state.unwrap() != auth_state - { - unimplemented!() - } else { - Ok(req_code.unwrap()) - } + if state != req_state { + return Err(Error::ParseHttpRequestCsrf); + } + let code = if let Some(code) = req_code { + code } else { - Ok(req_code.unwrap()) + return Err(Error::ParseHttpRequestMissingCode); }; - res.map(|code| { - ( - crate::protocol::Message::oauth_response(&code), - lines.into_inner().into_inner(), - ) - }) + Ok(( + crate::protocol::Message::oauth_response(&code), + lines.into_inner().into_inner(), + )) }) .and_then(|(msg, sock)| { let response = r"HTTP/1.1 200 OK diff --git a/src/error.rs b/src/error.rs index 24cd93d..337c9f6 100644 --- a/src/error.rs +++ b/src/error.rs @@ -117,6 +117,25 @@ pub enum Error { source: std::num::ParseIntError, }, + #[snafu(display("failed to parse incoming http request"))] + ParseHttpRequest, + + #[snafu(display( + "failed to validate csrf token on incoming http request" + ))] + ParseHttpRequestCsrf, + + #[snafu(display( + "incoming http request had no code in the query parameters" + ))] + ParseHttpRequestMissingCode, + + #[snafu(display( + "failed to parse path from incoming http request: {}", + source + ))] + ParseHttpRequestPath { source: url::ParseError }, + #[snafu(display("failed to parse identity file: {}", source))] ParseIdentity { source: native_tls::Error }, |