Preserve state in oauth
This commit is contained in:
parent
a8701282d4
commit
ac3f32da7e
@ -10,7 +10,8 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|||||||
response_type: params["response_type"],
|
response_type: params["response_type"],
|
||||||
client_id: params["client_id"],
|
client_id: params["client_id"],
|
||||||
scope: params["scope"],
|
scope: params["scope"],
|
||||||
redirect_uri: params["redirect_uri"]
|
redirect_uri: params["redirect_uri"],
|
||||||
|
state: params["state"]
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -25,6 +26,11 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
url = "#{redirect_uri}?code=#{auth.token}"
|
url = "#{redirect_uri}?code=#{auth.token}"
|
||||||
|
url = if params["state"] do
|
||||||
|
url <> "&state=#{params["state"]}"
|
||||||
|
else
|
||||||
|
url
|
||||||
|
end
|
||||||
redirect(conn, external: url)
|
redirect(conn, external: url)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -10,5 +10,6 @@
|
|||||||
<%= hidden_input f, :response_type, value: @response_type %>
|
<%= hidden_input f, :response_type, value: @response_type %>
|
||||||
<%= hidden_input f, :redirect_uri, value: @redirect_uri %>
|
<%= hidden_input f, :redirect_uri, value: @redirect_uri %>
|
||||||
<%= hidden_input f, :scope, value: @scope %>
|
<%= hidden_input f, :scope, value: @scope %>
|
||||||
|
<%= hidden_input f, :state, value: @state%>
|
||||||
<%= submit "Authorize" %>
|
<%= submit "Authorize" %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
Loading…
Reference in New Issue
Block a user