From 78a24e3b8148a03a12bf5c93b5a19cb252ea6323 Mon Sep 17 00:00:00 2001
From: Robin Appelman <robin@icewind.nl>
Date: Thu, 19 Oct 2017 14:05:02 +0200
Subject: [PATCH] validate user response

Signed-off-by: Robin Appelman <robin@icewind.nl>
---
 lib/private/Remote/Api/OCS.php | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/lib/private/Remote/Api/OCS.php b/lib/private/Remote/Api/OCS.php
index 427a5adcd96..5ce56621a71 100644
--- a/lib/private/Remote/Api/OCS.php
+++ b/lib/private/Remote/Api/OCS.php
@@ -70,7 +70,14 @@ class OCS extends ApiBase implements ICapabilitiesApi, IUserApi {
 	}
 
 	public function getUser($userId) {
-		return new User($this->request('get', 'cloud/users/' . $userId));
+		$result = $this->request('get', 'cloud/users/' . $userId);
+		$keys = ['id', 'email', 'displayname', 'phone', 'address', 'website', 'groups', 'language', 'quota'];
+		foreach ($keys as $key) {
+			if (!isset($result[$key])) {
+				throw new \Exception('Invalid user response, expected field ' . $key . ' not found');
+			}
+		}
+		return new User($result);
 	}
 
 	/**
-- 
GitLab