providers/oauth2: fix redirect_uri not being checked correctly if multiple redirect_uris are configured
This commit is contained in:
parent
86597df159
commit
0eb94df1f7
20
.fossa.yml
20
.fossa.yml
|
@ -1,20 +0,0 @@
|
||||||
# Generated by FOSSA CLI (https://github.com/fossas/fossa-cli)
|
|
||||||
# Visit https://fossa.com to learn more
|
|
||||||
|
|
||||||
version: 2
|
|
||||||
cli:
|
|
||||||
server: https://app.fossa.com
|
|
||||||
fetcher: custom
|
|
||||||
project: git@github.com:BeryJu/passbook.git
|
|
||||||
analyze:
|
|
||||||
modules:
|
|
||||||
- name: static
|
|
||||||
type: npm
|
|
||||||
target: passbook/static/static
|
|
||||||
path: passbook/static/static
|
|
||||||
- name: .
|
|
||||||
type: pip
|
|
||||||
target: .
|
|
||||||
path: .
|
|
||||||
options:
|
|
||||||
strategy: pipenv
|
|
|
@ -143,8 +143,8 @@ class OAuthAuthorizationParams:
|
||||||
if is_open_id and not self.redirect_uri:
|
if is_open_id and not self.redirect_uri:
|
||||||
LOGGER.warning("Missing redirect uri.")
|
LOGGER.warning("Missing redirect uri.")
|
||||||
raise RedirectUriError()
|
raise RedirectUriError()
|
||||||
if self.redirect_uri not in self.provider.redirect_uris:
|
if self.redirect_uri not in self.provider.redirect_uris.split():
|
||||||
LOGGER.warning("Invalid redirect uri", redirect_uri=self.redirect_uri)
|
LOGGER.warning("Invalid redirect uri", redirect_uri=self.redirect_uri, excepted=self.provider.redirect_uris.split())
|
||||||
raise RedirectUriError()
|
raise RedirectUriError()
|
||||||
|
|
||||||
if not is_open_id and (
|
if not is_open_id and (
|
||||||
|
|
|
@ -109,8 +109,8 @@ class TokenParams:
|
||||||
LOGGER.warning("Missing authorization code")
|
LOGGER.warning("Missing authorization code")
|
||||||
raise TokenError("invalid_grant")
|
raise TokenError("invalid_grant")
|
||||||
|
|
||||||
if self.redirect_uri not in self.provider.redirect_uris:
|
if self.redirect_uri not in self.provider.redirect_uris.split():
|
||||||
LOGGER.warning("Invalid redirect uri", uri=self.redirect_uri)
|
LOGGER.warning("Invalid redirect uri", uri=self.redirect_uri, expected=self.provider.redirect_uris.split())
|
||||||
raise TokenError("invalid_client")
|
raise TokenError("invalid_client")
|
||||||
|
|
||||||
try:
|
try:
|
||||||
|
|
|
@ -1,2 +0,0 @@
|
||||||
[tool.black]
|
|
||||||
target-version = ['py37']
|
|
Reference in a new issue