FindBugs error: manage error condition for Gerrit passwd for Git/HTTP
When using Git over HTTP(/S) we need to transparently generate
a Gerrit HTTP password. Should this fail we need to block the
redirect to the Git over HTTP endpoint and just return an error.
Change-Id: I62180c9eb6e9e9206510a63c9b7987a5c2c64696
diff --git a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthGitFilter.java b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthGitFilter.java
index cd8b32e..91f3b86 100644
--- a/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthGitFilter.java
+++ b/github-oauth/src/main/java/com/googlesource/gerrit/plugins/github/oauth/OAuthGitFilter.java
@@ -150,7 +150,12 @@
gerritPassword =
generateRandomGerritPassword(username, httpRequest, httpResponse,
chain);
- httpResponse.sendRedirect(getRequestPathWithQueryString(httpRequest));
+ if (Strings.isNullOrEmpty(gerritPassword)) {
+ httpResponse.sendError(SC_FORBIDDEN,
+ "Unable to generate Gerrit password for Git Basic-Auth");
+ } else {
+ httpResponse.sendRedirect(getRequestPathWithQueryString(httpRequest));
+ }
return;
}