Commit b9ad180b authored by Robert Lyon's avatar Robert Lyon
Browse files

Bug 1676223: Check token is supplied first



Before checking that it is in database and is unique

behatnotneeded

Change-Id: I3c51b228361ad10c567f6af04148246a95fed096
Signed-off-by: Robert Lyon's avatarRobert Lyon <robertl@catalyst.net.nz>
parent 4908b12b
......@@ -144,6 +144,7 @@ $string['owner'] = 'Owner';
$string['servicename'] = 'Service';
$string['generate'] = 'Generate token';
$string['invalidtoken'] = 'Invalid token selected';
$string['invalidtokennotsuppied'] = 'Invalid token selected or none supplied';
$string['token'] = 'Token';
$string['tokenid'] = 'Token "%s"';
$string['invaliduserselected'] = 'Invalid user selected';
......
......@@ -1030,6 +1030,10 @@ abstract class webservice_server implements webservice_server_interface {
return $user;
}
if (empty($this->token)) {
// log failed login attempts
throw new WebserviceAccessException(get_string('invalidtokennotsupplied', 'auth.webservice'));
}
$token = get_record('external_tokens', 'token', $this->token);
if (!$token) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment