From a81d5a3d41796311d3cefe021a00f8c8f7d85a92 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 26 May 2022 12:52:29 +0200 Subject: [PATCH] providers/oauth2: regex-escape URLs when set to blank Signed-off-by: Jens Langhammer --- authentik/providers/oauth2/views/authorize.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/authentik/providers/oauth2/views/authorize.py b/authentik/providers/oauth2/views/authorize.py index 8116a593f..ac4802721 100644 --- a/authentik/providers/oauth2/views/authorize.py +++ b/authentik/providers/oauth2/views/authorize.py @@ -2,7 +2,7 @@ from dataclasses import dataclass, field from datetime import timedelta from re import error as RegexError -from re import fullmatch +from re import escape, fullmatch from typing import Optional from urllib.parse import parse_qs, urlencode, urlparse, urlsplit, urlunsplit from uuid import uuid4 @@ -181,7 +181,7 @@ class OAuthAuthorizationParams: if self.provider.redirect_uris == "": LOGGER.info("Setting redirect for blank redirect_uris", redirect=self.redirect_uri) - self.provider.redirect_uris = self.redirect_uri + self.provider.redirect_uris = escape(self.redirect_uri) self.provider.save() allowed_redirect_urls = self.provider.redirect_uris.split()