Skip to content

2021-11-19 FIXED: Google_oauth2, Facebook, Github #150

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
katzlbt wants to merge 10 commits into
base: master
Choose a base branch
from
Open

2021-11-19 FIXED: Google_oauth2, Facebook, Github #150

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
54401f9
Google_oauth2 get optional fields without KeyError.
katzlbt Feb 16, 2015
a5e7f7f
Facebook broken: https://github.com/bbangert/velruse/issues/158
katzlbt Apr 11, 2017
7b57fdf
Fixed Facebook key-error
katzlbt May 12, 2020
de28d36
Added comments and passed on raw data from google.
katzlbt May 12, 2020
730ff64
Added comments for unversioned API calls from FB.
katzlbt May 12, 2020
353a8f8
Fix github.com login deprecated GET Access
katzlbt Nov 19, 2021
663b6f7
Do not pollute the session
katzlbt Nov 19, 2021
afcc0f2
Moved unsupported providers to main dir
katzlbt Oct 23, 2023
d3c6239
Python 3.9 and Pyramid 1.10 support of a few providers.
katzlbt Oct 25, 2023
2f151ff
github.py add github's error_description to raised CSRFError
katzlbt Jan 16, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
github.py add github's error_description to raised CSRFError
  • Loading branch information
@katzlbt
katzlbt committed Jan 16, 2024
commit 2f151ff256335bdbc8f1d7f91b1435f71c11c738
6 changes: 5 additions & 1 deletion velruse/providers/github.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -107,9 +107,13 @@ def callback(self, request):
sess_state = request.session.pop('velruse.state', None)
req_state = request.GET.get('state')
if not sess_state or sess_state != req_state:
err_id = request.GET.get('error', 'CSRF Validation check failed')
err_desc = request.GET.get('error_description', '')
raise CSRFError(
'CSRF Validation check failed. Request state {req_state} is '
'{err_id}: {err_desc} Request state {req_state} is '
'not the same as session state {sess_state}'.format(
err_id=err_id,
err_desc=err_desc,
req_state=req_state,
sess_state=sess_state
)
Expand Down