Add Google auth validation and fix the case where no config is specified at all for Google auth or Github auth

2015-01-08 13:56:17 -05:00 · 2015-01-08 13:56:17 -05:00 · 5ac2c4970a
commit 5ac2c4970a
parent 5e0ce4eea9
3 changed files with 49 additions and 7 deletions
--- a/util/config/validator.py
+++ b/util/config/validator.py
@ -79,17 +79,21 @@ def _validate_github(config_key):

 def _validate_github_with_key(config_key, config):
  """ Validates the OAuth credentials and API endpoint for a Github service. """
-  endpoint = config[config_key].get('GITHUB_ENDPOINT')
+  github_config = config.get(config_key)
+  if not github_config:
+    raise Exception('Missing Github client id and client secret')
+
+  endpoint = github_config.get('GITHUB_ENDPOINT')
  if not endpoint:
    raise Exception('Missing Github Endpoint')

  if endpoint.find('http://') != 0 and endpoint.find('https://') != 0:
    raise Exception('Github Endpoint must start with http:// or https://')

-  if not config[config_key].get('CLIENT_ID'):
+  if not github_config.get('CLIENT_ID'):
    raise Exception('Missing Client ID')

-  if not config[config_key].get('CLIENT_SECRET'):
+  if not github_config.get('CLIENT_SECRET'):
    raise Exception('Missing Client Secret')

  client = app.config['HTTPCLIENT']
@ -99,6 +103,25 @@ def _validate_github_with_key(config_key, config):
    raise Exception('Invalid client id or client secret')


+def _validate_google_login(config):
+  """ Validates the Google Login client ID and secret. """
+  google_login_config = config.get('GOOGLE_LOGIN_CONFIG')
+  if not google_login_config:
+    raise Exception('Missing client ID and client secret')
+
+  if not google_login_config.get('CLIENT_ID'):
+    raise Exception('Missing Client ID')
+
+  if not google_login_config.get('CLIENT_SECRET'):
+    raise Exception('Missing Client Secret')
+
+  client = app.config['HTTPCLIENT']
+  oauth = GoogleOAuthConfig(config, 'GOOGLE_LOGIN_CONFIG')
+  result = oauth.validate_client_id_and_secret(client)
+  if not result:
+    raise Exception('Invalid client id or client secret')
+
+
 def _validate_ssl(config):
  """ Validates the SSL configuration (if enabled). """
  if config.get('PREFERRED_URL_SCHEME', 'http') != 'https':
@ -141,6 +164,7 @@ _VALIDATORS = {
  'mail': _validate_mailing,
  'github-login': _validate_github('GITHUB_LOGIN_CONFIG'),
  'github-trigger': _validate_github('GITHUB_TRIGGER_CONFIG'),
+  'google-login': _validate_google_login,
  'ssl': _validate_ssl,
  'ldap': _validate_ldap,
 }