Page MenuHomePhabricator
Create Task
Maniphest T214973

[oauthclient] Undefined offset when decoding JWT
Closed, ResolvedPublic
Actions

Description

I'm not quite sure what's going wrong here, but we should probably not assume that a given string has three parts:

list( $headb64, $bodyb64, $sigb64 ) = explode( '.', $JWT );

[2019-01-30 16:01:47] php.WARNING: Notice: Undefined offset: 1 {"exception":"[object] (ErrorException(code: 0): Notice: Undefined offset: 1 at /data/project/svgtranslate/app/vendor/mediawiki/oauthclient/src/Client.php:325)"} []
[2019-01-30 16:01:47] php.WARNING: Notice: Undefined offset: 2 {"exception":"[object] (ErrorException(code: 0): Notice: Undefined offset: 2 at /data/project/svgtranslate/app/vendor/mediawiki/oauthclient/src/Client.php:325)"} []
[2019-01-30 16:01:47] request.CRITICAL: Uncaught PHP Exception MediaWiki\OAuthClient\Exception: "Decoding server response failed: Syntax error (Raw response: z���l(j�a�)�jX�������ͫb�������g���N���h�,ڶ*'���z�"�*.�����-j����ږ'_�����"�)" at /data/project/svgtranslate/app/vendor/mediawiki/oauthclient/src/Client.php line 435 []

This is with the latest code of oauthclient (i.e. includes the recent error reporting improvements).

Details

SubjectRepoBranchLines +/-
Add error checking for JWT and base64 formatsmediawiki/oauthclient-phpmaster+59 -2
Customize query in gerrit

Related Objects
Search...

Event Timeline

Samwilson created this task.Jan 30 2019, 4:05 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 30 2019, 4:05 PM
Samwilson added a project: Community-Tech-Sprint.Jan 30 2019, 4:05 PM
Restricted Application added a project: Community-Tech. · View Herald TranscriptJan 30 2019, 4:05 PM
Samwilson added a parent task: T210888: Move svgtranslate tool to production instance.Jan 30 2019, 10:04 PM
Samwilson claimed this task.Jan 31 2019, 4:11 PM
Samwilson moved this task from Ready to In Development on the Community-Tech-Sprint board.
gerritbot subscribed.Jan 31 2019, 4:13 PM

Change 487363 had a related patch set uploaded (by Samwilson; owner: Samwilson):
[mediawiki/oauthclient-php@master] Add error checking for JWT format

https://gerrit.wikimedia.org/r/487363

gerritbot added a project: Patch-For-Review.Jan 31 2019, 4:13 PM
gerritbot added a comment.Jan 31 2019, 9:46 PM

Change 487363 merged by jenkins-bot:
[mediawiki/oauthclient-php@master] Add error checking for JWT and base64 formats

https://gerrit.wikimedia.org/r/487363

Tgr closed this task as Resolved.Feb 2 2019, 10:03 PM
Niharika moved this task from In Development to Q3 2018-19 on the Community-Tech-Sprint board.Feb 4 2019, 7:57 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL