providers/oauth2: regex-escape URLs when set to blank

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-05-26 12:52:29 +02:00
parent 4d17111233
commit a81d5a3d41
1 changed files with 2 additions and 2 deletions

View File

@ -2,7 +2,7 @@
from dataclasses import dataclass, field from dataclasses import dataclass, field
from datetime import timedelta from datetime import timedelta
from re import error as RegexError from re import error as RegexError
from re import fullmatch from re import escape, fullmatch
from typing import Optional from typing import Optional
from urllib.parse import parse_qs, urlencode, urlparse, urlsplit, urlunsplit from urllib.parse import parse_qs, urlencode, urlparse, urlsplit, urlunsplit
from uuid import uuid4 from uuid import uuid4
@ -181,7 +181,7 @@ class OAuthAuthorizationParams:
if self.provider.redirect_uris == "": if self.provider.redirect_uris == "":
LOGGER.info("Setting redirect for blank redirect_uris", redirect=self.redirect_uri) LOGGER.info("Setting redirect for blank redirect_uris", redirect=self.redirect_uri)
self.provider.redirect_uris = self.redirect_uri self.provider.redirect_uris = escape(self.redirect_uri)
self.provider.save() self.provider.save()
allowed_redirect_urls = self.provider.redirect_uris.split() allowed_redirect_urls = self.provider.redirect_uris.split()