providers/oauth2: lowercase all uris before checking redirect URI
see #249
This commit is contained in:
parent
4039e96803
commit
2e1849a732
|
@ -142,7 +142,9 @@ class OAuthAuthorizationParams:
|
||||||
if is_open_id and not self.redirect_uri:
|
if is_open_id and not self.redirect_uri:
|
||||||
LOGGER.warning("Missing redirect uri.")
|
LOGGER.warning("Missing redirect uri.")
|
||||||
raise RedirectUriError()
|
raise RedirectUriError()
|
||||||
if self.redirect_uri not in self.provider.redirect_uris.split():
|
if self.redirect_uri.lower() not in [
|
||||||
|
x.lower() for x in self.provider.redirect_uris.split()
|
||||||
|
]:
|
||||||
LOGGER.warning(
|
LOGGER.warning(
|
||||||
"Invalid redirect uri",
|
"Invalid redirect uri",
|
||||||
redirect_uri=self.redirect_uri,
|
redirect_uri=self.redirect_uri,
|
||||||
|
|
Reference in a new issue