[feature] add 'state' oauth2 param to /oauth/authorize (#730)

tobi 2022-07-28 16:43:27 +02:00 committed by GitHub
commit 8106b69856
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 35 additions and 20 deletions


@ -58,16 +58,16 @@ func (m *Module) SignInGETHandler(c *gin.Context) {
// idp provider is in use, so redirect to it
s := sessions.Default(c)
stateI := s.Get(sessionState)
state, ok := stateI.(string)
internalStateI := s.Get(sessionInternalState)
internalState, ok := internalStateI.(string)
if !ok {
m.clearSession(s)
err := fmt.Errorf("key %s was not found in session", sessionState)
err := fmt.Errorf("key %s was not found in session", sessionInternalState)
api.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGet)
return
}
c.Redirect(http.StatusSeeOther, m.idp.AuthCodeURL(state))
c.Redirect(http.StatusSeeOther, m.idp.AuthCodeURL(internalState))
}
// SignInPOSTHandler should be served at https://example.org/auth/sign_in.
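Review bot: The guard after `internalState, ok := internalStateI.(string)` checks only the type assertion, so an empty string stored under `sessionInternalState` would still be passed to `m.idp.AuthCodeURL` as the state value. This value presumably ties the provider callback to the session, so the empty case should be rejected too: `if !ok || internalState == "" {`. The same error is also passed as `err.Error()` in the second argument of `gtserror.NewErrorBadRequest`, which appears to return the internal session key name to the client; a generic message there would be enough. SignInGETHandler starts above the hunk, so the place where the session value is written is not visible here.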