Only let users log in to an OAuth server if they can see it
7213eb01e030
Actions

Description

Only let users log in to an OAuth server if they can see it

Summary:
Fixes T7169. We just weren't doing a policy-aware query. Basic idea here is that if you set an app to be visible only to specific users, those specific users are the only ones who should be able to authorize it.

In the Phacility cluster, this allows us to prevent users who haven't been invited from logging in to an instance.

Test Plan:

Tried to log into an instance I was not a member of.
Logged into an instance I am a member of.

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T7169

Differential Revision: https://secure.phabricator.com/D11696

Details

Provenance

epriestley	Authored on Feb 5 2015, 10:57 AM
themackabu	Pushed on Mar 25 2025, 8:07 PM

Parents

rPdca27279cc55: README update - rely on bug reporting doc and add section about community chat

Branches

Unknown

Tags

Unknown

Event Timeline

Changes (1)

Path

Size

src/

applications/

oauthserver/

controller/

PhabricatorOAuthServerAuthController.php

rP7213eb01e030

View Options

src/applications/oauthserver/controller/PhabricatorOAuthServerAuthController.php