db: print better error messages for invalid input

When client secrets are not base64 encoded, print an error message
that's not a generic base64 decode error:

   client secrets must be base64 decodable. See issue #337.
   Please consider replacing "secret" with "c2VjcmV0"

When a user file is missing a mandatory field print an error message.

	Unable to build Server: user elroy-foo is missing email field

For #400
Eric Chiang 2016-04-11 16:31:50 -07:00
parent ed89be44ef
commit 5c5df23a57
2 changed files with 11 additions and 1 deletions


@ -100,9 +100,13 @@ func NewClientIdentityRepoFromClients(dbm *gorp.DbMap, clients []oidc.ClientIden
defer tx.Rollback() defer tx.Rollback()
exec := repo.executor(tx) exec := repo.executor(tx)
for _, c := range clients { for _, c := range clients {
if c.Credentials.Secret == "" {
return nil, fmt.Errorf("client %q has no secret", c.Credentials.ID)
}
dec, err := base64.URLEncoding.DecodeString(c.Credentials.Secret) dec, err := base64.URLEncoding.DecodeString(c.Credentials.Secret)
if err != nil { if err != nil {
return nil, err return nil, fmt.Errorf("client secrets must be base64 decodable. See issue #337. Please consider replacing %q with %q",
c.Credentials.Secret, base64.URLEncoding.EncodeToString([]byte(c.Credentials.Secret)))
} }
cm, err := newClientIdentityModel(c.Credentials.ID, dec, &c.Metadata) cm, err := newClientIdentityModel(c.Credentials.ID, dec, &c.Metadata)
if err != nil { if err != nil {
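Review bot: The new decode-failure branch formats `c.Credentials.Secret` and its base64 encoding into the returned error, so the raw client secret ends up wherever that error is printed or logged (the commit message shows it appearing in the output). Identify the client by its ID instead, as the empty-secret check just above already does: `return nil, fmt.Errorf("client %q: secret must be base64 (URL-safe) encoded, see issue #337: %v", c.Credentials.ID, err)`. That form also keeps the underlying decode error, which the new code discards. The loop and the enclosing function continue outside the hunk.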


@ -451,6 +451,12 @@ func (u *userModel) user() (user.User, error) {
} }
func newUserModel(u *user.User) (*userModel, error) { func newUserModel(u *user.User) (*userModel, error) {
if u.ID == "" {
return nil, fmt.Errorf("user is missing ID field")
}
if u.Email == "" {
return nil, fmt.Errorf("user %s is missing email field", u.ID)
}
um := userModel{ um := userModel{
ID: u.ID, ID: u.ID,
DisplayName: u.DisplayName, DisplayName: u.DisplayName,
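Review bot: The added `fmt.Errorf("user %s is missing email field", u.ID)` prints an ID read from the user file unquoted, while the client check in this same commit uses `%q`. Quoting here too would make an ID containing whitespace or control characters show up escaped in the log line rather than altering it: `return nil, fmt.Errorf("user %q is missing email field", u.ID)`. Both new checks reject only the empty string, so a whitespace-only ID or email presumably still passes; worth confirming whether that is intended. The body of newUserModel continues past the end of the hunk.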