Gitiles
Code Review Sign In
korap.ids-mannheim.de / KorAP / Kalamar / ff088115396f7f30013dd8109f7a1ab940dcd22c^! / .
commitff088115396f7f30013dd8109f7a1ab940dcd22c[log] [tgz]
authorAkron <nils@diewald-online.de>Tue Jun 15 15:26:04 2021 +0200
committerAkron <nils@diewald-online.de>Thu Jun 17 21:48:42 2021 +0200
tree0da6035c348a3a4765884a84e81cf315f8595911
parent4932bd928c844cac85d40c235ed5b1ab21cfc8cf [diff]
Fix rendering error in not authenticated oauth route

Change-Id: I776c0dbdcd1e28e4f3b16b0832309164c9425dcc

diff --git a/Changes b/Changes
index 8f1abd2..67ed471 100755
--- a/Changes
+++ b/Changes

@@ -27,6 +27,7 @@
           flow will be supported and will be the default
           option for authentication and authorization.
         - Added settings navigation by default.
+        - Fix rendering bug in unauthenticated oauth route.
 
         WARNING: Upgrading to Mojolicious 9.19 will
           invalidate all sessions. This is a security update.

diff --git a/lib/Kalamar/Plugin/Auth.pm b/lib/Kalamar/Plugin/Auth.pm
index e77a672..db9728d 100644
--- a/lib/Kalamar/Plugin/Auth.pm
+++ b/lib/Kalamar/Plugin/Auth.pm

@@ -63,6 +63,7 @@
           loginFail => 'Anmeldung fehlgeschlagen',
           logoutSuccess => 'Abmeldung erfolgreich',
           logoutFail => 'Abmeldung fehlgeschlagen',
+          authenticationFail => 'Nicht authentifiziert',
           csrfFail => 'Fehlerhafter CSRF Token',
           openRedirectFail => 'Weiterleitungsfehler',
           tokenExpired => 'Zugriffstoken abgelaufen',
@@ -107,6 +108,7 @@
           loginFail => 'Access denied',
           logoutSuccess => 'Logout successful',
           logoutFail => 'Logout failed',
+          authenticationFail => 'Not authenticated',
           csrfFail => 'Bad CSRF token',
           openRedirectFail => 'Redirect failure',
           tokenExpired => 'Access token expired',
@@ -765,7 +767,8 @@
 
           unless ($c->auth->token) {
             return $c->render(
-              content => 'Unauthorized',
+              template => 'exception',
+              msg => $c->loc('Auth_authenticationFail'),
               status => 401
             );
           };

diff --git a/t/plugin/auth-oauth.t b/t/plugin/auth-oauth.t
index 20c9b64..b63c668 100644
--- a/t/plugin/auth-oauth.t
+++ b/t/plugin/auth-oauth.t

@@ -120,6 +120,11 @@
   ->element_exists_not('aside.off')
   ;
 
+$t->get_ok('/settings/oauth')
+  ->status_is(401)
+  ->text_is('p.no-results', 'Not authenticated')
+  ;
+
 # Test for bug with long password
 $t->post_ok('/user/login' => form => {
   handle => 'test',

diff --git a/templates/exception.html.ep b/templates/exception.html.ep
index af0aaf6..f85edc6 100644
--- a/templates/exception.html.ep
+++ b/templates/exception.html.ep

@@ -1,4 +1,4 @@
-% my $msg = $exception->message // '500: Internal Server Error';
+% my $msg = stash('msg') // stash('exception')->message // '500: Internal Server Error';
 % layout 'main', title => 'KorAP: ' . $msg;
 
 <p class="no-results"><%= $msg  %></p>