mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-10-31 06:22:25 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

[bugfix] Fix '+'-separated scopes not being recognized (#4028)

Browse source 
* [bugfix] Fix '+'-separated scopes not being recognized

* comment
This commit is contained in:
tobi 2025-04-19 21:57:50 +02:00 committed by GitHub
commit e9f6d186dc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
6 changed files with 35 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

12
internal/api/auth/authorize.go
View file

@ -20,6 +20,7 @@ package auth
import (
"net/http"
"net/url"
"strings"
"github.com/gin-contrib/sessions"
"github.com/gin-gonic/gin"
@ -229,8 +230,8 @@ func (m *Module) AuthorizePOSTHandler(c *gin.Context) {
}
// redirectAuthFormToSignIn binds an OAuthAuthorize form,
// stores the values in the form into the session, and
// redirects the user to the sign in page.
// presumed to be set as url query params, stores the values
// into the session, and redirects the user to the sign in page.
func (m *Module) redirectAuthFormToSignIn(c *gin.Context) {
s := sessions.Default(c)
@ -240,9 +241,14 @@ func (m *Module) redirectAuthFormToSignIn(c *gin.Context) {
return
}
// Set default scope to read.
// If scope isn't set default to read.
//
// Else massage submitted scope(s) from
// '+'-separated to space-separated.
if form.Scope == "" {
form.Scope = "read"
} else {
form.Scope = strings.ReplaceAll(form.Scope, "+", " ")
}
// Save these values from the form so we