Fix oauth redirect when clientid is invalid
This commit is contained in:
parent
a9e31cff26
commit
97ef5ff765
|
@ -45,8 +45,6 @@ def authorize():
|
||||||
oauth_client_id = request.args.get("client_id")
|
oauth_client_id = request.args.get("client_id")
|
||||||
state = request.args.get("state")
|
state = request.args.get("state")
|
||||||
scope = request.args.get("scope")
|
scope = request.args.get("scope")
|
||||||
# TODO need to sensure this redirect_url has previously been validated by the client by setting a list
|
|
||||||
# of valid urls to use
|
|
||||||
redirect_uri = request.args.get("redirect_uri")
|
redirect_uri = request.args.get("redirect_uri")
|
||||||
response_mode = request.args.get("response_mode")
|
response_mode = request.args.get("response_mode")
|
||||||
nonce = request.args.get("nonce")
|
nonce = request.args.get("nonce")
|
||||||
|
@ -72,10 +70,7 @@ def authorize():
|
||||||
|
|
||||||
client = Client.get_by(oauth_client_id=oauth_client_id)
|
client = Client.get_by(oauth_client_id=oauth_client_id)
|
||||||
if not client:
|
if not client:
|
||||||
final_redirect_uri = (
|
redirect(url_for("auth.login"))
|
||||||
f"{redirect_uri}?error=invalid_client_id&client_id={oauth_client_id}"
|
|
||||||
)
|
|
||||||
return redirect(final_redirect_uri)
|
|
||||||
|
|
||||||
# check if redirect_uri is valid
|
# check if redirect_uri is valid
|
||||||
# allow localhost by default
|
# allow localhost by default
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
[pytest]
|
[pytest]
|
||||||
addopts =
|
xaddopts =
|
||||||
--cov
|
--cov
|
||||||
--cov-config coverage.ini
|
--cov-config coverage.ini
|
||||||
--cov-report=html:htmlcov
|
--cov-report=html:htmlcov
|
||||||
|
|
Loading…
Reference in New Issue