Skip to content

Commit f7a42cd

Browse files
committed
crash in store due to a bug in mysql adapter on missing auth record
1 parent b0e2b17 commit f7a42cd

File tree

4 files changed

+11
-5
lines changed

4 files changed

+11
-5
lines changed

server/db/mongodb/adapter.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1121,7 +1121,7 @@ func (a *adapter) AuthGetRecord(uid t.Uid, scheme string) (string, auth.Level, [
11211121
err := a.db.Collection("auth").FindOne(a.ctx, filter, findOpts).Decode(&record)
11221122
if err != nil {
11231123
if err == mdb.ErrNoDocuments {
1124-
return "", 0, nil, time.Time{}, t.ErrNotFound
1124+
err = t.ErrNotFound
11251125
}
11261126
return "", 0, nil, time.Time{}, err
11271127
}

server/db/mysql/adapter.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -867,8 +867,8 @@ func (a *adapter) AuthGetRecord(uid t.Uid, scheme string) (string, auth.Level, [
867867
if err := a.db.GetContext(ctx, &record, "SELECT uname,secret,expires,authlvl FROM auth WHERE userid=? AND scheme=?",
868868
store.DecodeUid(uid), scheme); err != nil {
869869
if err == sql.ErrNoRows {
870-
// Nothing found - clear the error
871-
err = nil
870+
// Nothing found - use standard error.
871+
err = t.ErrNotFound
872872
}
873873
return "", 0, nil, expires, err
874874
}

server/session.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -955,7 +955,8 @@ func (s *Session) login(msg *ClientComMessage) {
955955
}
956956

957957
// authSecretReset resets an authentication secret;
958-
// params: "auth-method-to-reset:credential-method:credential-value".
958+
// params: "auth-method-to-reset:credential-method:credential-value",
959+
// for example: "basic:email:alice@example.com".
959960
func (s *Session) authSecretReset(params []byte) error {
960961
var authScheme, credMethod, credValue string
961962
if parts := strings.Split(string(params), ":"); len(parts) == 3 {

server/store/store.go

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -322,8 +322,13 @@ func (UsersObjMapper) GetAuthRecord(user types.Uid, scheme string) (string, auth
322322
unique, authLvl, secret, expires, err := adp.AuthGetRecord(user, scheme)
323323
if err == nil {
324324
parts := strings.Split(unique, ":")
325-
unique = parts[1]
325+
if len(parts) > 1 {
326+
unique = parts[1]
327+
} else {
328+
err = types.ErrInternal
329+
}
326330
}
331+
327332
return unique, authLvl, secret, expires, err
328333
}
329334

0 commit comments

Comments
 (0)