Skip to content
Snippets Groups Projects
Commit 189b85c5 authored by Guillaume ROUSSE's avatar Guillaume ROUSSE
Browse files

ensure a non-fatal error for a non-existing token

parent 1a86bc54
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
lib/IdPAccountManager/WebRequest.pm
+ 6
7
View file @ 189b85c5
......@@ -445,11 +445,12 @@ sub req_validate_token {
return undef;
}
my $authentication_token = IdPAccountManager::Data::AuthenticationToken->new(
my $token = IdPAccountManager::Data::AuthenticationToken->new(
db => $self->{db},
token => $self->{in}->{authentication_token});
token => $self->{in}->{authentication_token}
);
unless ($authentication_token->load()) {
if (! $token->load(speculative => 1)) {
push @{ $self->{out}->{errors} }, "wrong_token";
$self->{logger}->errorf(
"Failed to validate authentication token %s for sp_entityid %s",
......@@ -459,9 +460,7 @@ sub req_validate_token {
return undef;
}
unless ($authentication_token->get('sp_entityid') eq
$self->{in}->{sp_entityid})
{
if (! $token->get('sp_entityid') eq $self->{in}->{sp_entityid}) {
push @{ $self->{out}->{errors} }, "wrong_token_for_sp";
$self->{logger}->errorf(
"Authentication token %s cannot be used for SP with entityid %s",
......@@ -472,7 +471,7 @@ sub req_validate_token {
}
## delete the token
unless ($authentication_token->delete()) {
unless ($token->delete()) {
$self->{logger}->errorf(
"Failed to delete authentication token %s",
$self->{in}->{authentication_token}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment