From 34f2b2f558e872974847a4e756c525b8627ae1d7 Mon Sep 17 00:00:00 2001 From: Philipp Date: Thu, 7 Jul 2022 21:47:39 +0200 Subject: [PATCH] Add the right exceptions for BaseUrl::redirect and respect them when catching exceptions at the Trust page --- src/App/BaseURL.php | 4 ++++ src/Core/System.php | 6 ++++++ src/Module/Security/TwoFactor/Trust.php | 8 +++++++- src/Security/Authentication.php | 7 ++++++- 4 files changed, 23 insertions(+), 2 deletions(-) diff --git a/src/App/BaseURL.php b/src/App/BaseURL.php index f02a5f1fe7..9152d4bc2f 100644 --- a/src/App/BaseURL.php +++ b/src/App/BaseURL.php @@ -444,6 +444,10 @@ class BaseURL * @param string $toUrl The destination URL (Default is empty, which is the default page of the Friendica node) * @param bool $ssl if true, base URL will try to get called with https:// (works just for relative paths) * + * @throws HTTPException\FoundException + * @throws HTTPException\MovedPermanentlyException + * @throws HTTPException\TemporaryRedirectException + * * @throws HTTPException\InternalServerErrorException In Case the given URL is not relative to the Friendica node */ public function redirect(string $toUrl = '', bool $ssl = false) diff --git a/src/Core/System.php b/src/Core/System.php index 7601a6f840..8712b6ca59 100644 --- a/src/Core/System.php +++ b/src/Core/System.php @@ -441,6 +441,12 @@ class System * * @param string $url The new Location to redirect * @param int $code The redirection code, which is used (Default is 302) + * + * @throws FoundException + * @throws MovedPermanentlyException + * @throws TemporaryRedirectException + * + * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ public static function externalRedirect($url, $code = 302) { diff --git a/src/Module/Security/TwoFactor/Trust.php b/src/Module/Security/TwoFactor/Trust.php index e2f54d152a..41772d7b84 100644 --- a/src/Module/Security/TwoFactor/Trust.php +++ b/src/Module/Security/TwoFactor/Trust.php @@ -29,6 +29,9 @@ use Friendica\Core\Session\Capability\IHandleSessions; use Friendica\Model\User; use Friendica\Model\User\Cookie; use Friendica\Module\Response; +use Friendica\Network\HTTPException\FoundException; +use Friendica\Network\HTTPException\MovedPermanentlyException; +use Friendica\Network\HTTPException\TemporaryRedirectException; use Friendica\Security\Authentication; use Friendica\Util\Profiler; use Friendica\Security\TwoFactor; @@ -97,7 +100,10 @@ class Trust extends BaseModule try { $this->auth->setForUser($this->app, User::getById($this->app->getLoggedInUserId()), true, true); - } catch (\Exception $exception) { + } catch (FoundException | TemporaryRedirectException | MovedPermanentlyException $e) { + // exception wanted! + throw $e; + } catch (\Exception $e) { $this->logger->warning('Unexpected error during authentication.', ['user' => $this->app->getLoggedInUserId(), 'exception' => $exception]); } } diff --git a/src/Security/Authentication.php b/src/Security/Authentication.php index a23d0c9557..9f45516f7d 100644 --- a/src/Security/Authentication.php +++ b/src/Security/Authentication.php @@ -304,8 +304,13 @@ class Authentication * @param bool $interactive * @param bool $login_refresh * + * @throws HTTPException\FoundException + * @throws HTTPException\MovedPermanentlyException + * @throws HTTPException\TemporaryRedirectException + * @throws HTTPException\ForbiddenException + * @throws HTTPException\InternalServerErrorException In case of Friendica specific exceptions - * @throws Exception In case of general Exceptions (like SQL Grammar exceptions) + * */ public function setForUser(App $a, array $user_record, bool $login_initial = false, bool $interactive = false, bool $login_refresh = false) { -- 2.39.5