Add type checks to oauth2 parsing code

deeringc · web-flow · commit c0e31f075d30 · 2017-10-24T10:38:14.000+01:00
diff --git a/Release/src/http/oauth/oauth2.cpp b/Release/src/http/oauth/oauth2.cpp
@@ -149,7 +149,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json
 {
     oauth2_token result;
 
-    if (token_json.has_field(oauth2_strings::access_token))
+    if (token_json.has_string_field(oauth2_strings::access_token))
     {
         result.set_access_token(token_json.at(oauth2_strings::access_token).as_string());
     }
@@ -158,7 +158,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json
         throw oauth2_exception(U("response json contains no 'access_token': ") + token_json.serialize());
     }
 
-    if (token_json.has_field(oauth2_strings::token_type))
+    if (token_json.has_string_field(oauth2_strings::token_type))
     {
         result.set_token_type(token_json.at(oauth2_strings::token_type).as_string());
     }
@@ -174,7 +174,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json
         throw oauth2_exception(U("only 'token_type=bearer' access tokens are currently supported: ") + token_json.serialize());
     }
 
-    if (token_json.has_field(oauth2_strings::refresh_token))
+    if (token_json.has_string_field(oauth2_strings::refresh_token))
     {
         result.set_refresh_token(token_json.at(oauth2_strings::refresh_token).as_string());
     }
@@ -205,7 +205,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json
         result.set_expires_in(oauth2_token::undefined_expiration);
     }
 
-    if (token_json.has_field(oauth2_strings::scope))
+    if (token_json.has_string_field(oauth2_strings::scope))
     {
         // The authorization server may return different scope from the one requested.
         // This however doesn't necessarily mean the token authorization scope is different.

Original file line number	Diff line number	Diff line change
`@@ -149,7 +149,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json`
`149`	`149`	`{`
`150`	`150`	`oauth2_token result;`
`151`	`151`
`152`		`- if (token_json.has_field(oauth2_strings::access_token))`
	`152`	`+ if (token_json.has_string_field(oauth2_strings::access_token))`
`153`	`153`	`{`
`154`	`154`	`result.set_access_token(token_json.at(oauth2_strings::access_token).as_string());`
`155`	`155`	`}`
`@@ -158,7 +158,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json`
`158`	`158`	`throw oauth2_exception(U("response json contains no 'access_token': ") + token_json.serialize());`
`159`	`159`	`}`
`160`	`160`
`161`		`- if (token_json.has_field(oauth2_strings::token_type))`
	`161`	`+ if (token_json.has_string_field(oauth2_strings::token_type))`
`162`	`162`	`{`
`163`	`163`	`result.set_token_type(token_json.at(oauth2_strings::token_type).as_string());`
`164`	`164`	`}`
`@@ -174,7 +174,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json`
`174`	`174`	`throw oauth2_exception(U("only 'token_type=bearer' access tokens are currently supported: ") + token_json.serialize());`
`175`	`175`	`}`
`176`	`176`
`177`		`- if (token_json.has_field(oauth2_strings::refresh_token))`
	`177`	`+ if (token_json.has_string_field(oauth2_strings::refresh_token))`
`178`	`178`	`{`
`179`	`179`	`result.set_refresh_token(token_json.at(oauth2_strings::refresh_token).as_string());`
`180`	`180`	`}`
`@@ -205,7 +205,7 @@ oauth2_token oauth2_config::_parse_token_from_json(const json::value& token_json`
`205`	`205`	`result.set_expires_in(oauth2_token::undefined_expiration);`
`206`	`206`	`}`
`207`	`207`
`208`		`- if (token_json.has_field(oauth2_strings::scope))`
	`208`	`+ if (token_json.has_string_field(oauth2_strings::scope))`
`209`	`209`	`{`
`210`	`210`	`// The authorization server may return different scope from the one requested.`
`211`	`211`	`// This however doesn't necessarily mean the token authorization scope is different.`