15529: Add some checks to login method

Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <pamstutz@veritasgenetics.com>

diff --git a/services/api/app/controllers/user_sessions_controller.rb b/services/api/app/controllers/user_sessions_controller.rb
index 8639728ccdfdf539b657171aeffdcf827ece2c59..1c5842f969d3c3740f138dc2994e9cdec5ac5370 100644 (file)
--- a/services/api/app/controllers/user_sessions_controller.rb
+++ b/services/api/app/controllers/user_sessions_controller.rb
@@ -152,13 +152,18 @@ class UserSessionsController < ApplicationController
     p = []
     p << "auth_provider=#{CGI.escape(params[:auth_provider])}" if params[:auth_provider]
 
-    login_cluster = ""
-    if !Rails.configuration.Login.LoginCluster.empty?
+    if !Rails.configuration.Login.LoginCluster.empty? and Rails.configuration.Login.LoginCluster != Rails.configuration.ClusterID
       cluster = Rails.configuration.RemoteClusters[Rails.configuration.Login.LoginCluster]
+      if not cluster
+        raise "LoginCluster #{Rails.configuration.Login.LoginCluster} missing from RemoteClusters"
+      end
       scheme = "https"
       if cluster['Scheme'] and !cluster['Scheme'].empty?
         scheme = cluster['Scheme']
       end
+      if !cluster['Host'] or cluster['Host'].empty?
+        raise "LoginCluster #{Rails.configuration.Login.LoginCluster} missing 'Host' in RemoteClusters"
+      end
       login_cluster = "#{scheme}://#{cluster['Host']}"
       p << "remote=#{CGI.escape(params[:remote])}" if params[:remote]
       p << "return_to=#{CGI.escape(params[:return_to])}" if params[:return_to]