Added config option to enable and disable the getuserinfo endpoint in oauth module.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1497 44740490-163a-0410-bde0-09ae8108e29a

Added config option to enable and disable the getuserinfo endpoint in oauth module.
b1d15f3d · Andreas Åkre Solberg · 34d67462 · b1d15f3d · b1d15f3d
Commit b1d15f3d authored 15 years ago by Andreas Åkre Solberg
--- a/modules/oauth/config-template/module_oauth.php
+++ b/modules/oauth/config-template/module_oauth.php
+<?php
+/* 
+ * Configuration for the OAuth module.
+ * 
+ * $Id$
+ */
+
+$config = array (
+
+	/* Enable the getUserInfo endpoint. Do not enable unless you know what you do.
+	 * It may give external parties access to userInfo unless properly secured.
+	 */
+	'getUserInfo.enable' => FALSE,
+
+);
+
--- a/modules/oauth/www/getUserInfo.php
+++ b/modules/oauth/www/getUserInfo.php
@@ -2,6 +2,12 @@

 require_once(dirname(dirname(__FILE__)) . '/libextinc/OAuth.php');

+$oauthconfig = SimpleSAML_Configuration::getConfig('module_oauth.php');
+
+if (!$oauthconfig->getBoolean('getUserInfo.enable', FALSE)) {
+	throw new Exception('Get user info endpoint is disabled. This endpoint can be enabled in the module_oauth.php configuration file.');
+}
+
 $store = new sspmod_oauth_OAuthStore();
 $server = new sspmod_oauth_OAuthServer($store);