Fixed that OpenID authentication fails with 422 error due to token verification (#15735).
git-svn-id: http://svn.redmine.org/redmine/trunk@12438 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
parent
2db5fc1a66
commit
5ee277fa22
|
@ -22,6 +22,14 @@ class AccountController < ApplicationController
|
||||||
# prevents login action to be filtered by check_if_login_required application scope filter
|
# prevents login action to be filtered by check_if_login_required application scope filter
|
||||||
skip_before_filter :check_if_login_required, :check_password_change
|
skip_before_filter :check_if_login_required, :check_password_change
|
||||||
|
|
||||||
|
# Overrides ApplicationController#verify_authenticity_token to disable
|
||||||
|
# token verification on openid callbacks
|
||||||
|
def verify_authenticity_token
|
||||||
|
unless using_open_id?
|
||||||
|
super
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
# Login request and validation
|
# Login request and validation
|
||||||
def login
|
def login
|
||||||
if request.get?
|
if request.get?
|
||||||
|
|
|
@ -131,6 +131,16 @@ class AccountControllerOpenidTest < ActionController::TestCase
|
||||||
assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user'
|
assert_select 'input[name=?][value=?]', 'user[identity_url]', 'http://openid.example.com/good_blank_user'
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def test_post_login_should_not_verify_token_when_using_open_id
|
||||||
|
ActionController::Base.allow_forgery_protection = true
|
||||||
|
AccountController.any_instance.stubs(:using_open_id?).returns(true)
|
||||||
|
AccountController.any_instance.stubs(:authenticate_with_open_id).returns(true)
|
||||||
|
post :login
|
||||||
|
assert_response 200
|
||||||
|
ensure
|
||||||
|
ActionController::Base.allow_forgery_protection = false
|
||||||
|
end
|
||||||
|
|
||||||
def test_register_after_login_failure_should_not_require_user_to_enter_a_password
|
def test_register_after_login_failure_should_not_require_user_to_enter_a_password
|
||||||
Setting.self_registration = '3'
|
Setting.self_registration = '3'
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue