Merge pull request #1952 from flant/auth-code-iinvalid-grant

fix: return invalid_grant error for invalid or expired auth codes
This commit is contained in:
Márk Sági-Kazár
2021-02-10 15:50:18 +01:00
committed by GitHub
2 changed files with 107 additions and 1 deletions


@@ -805,13 +805,18 @@ func (s *Server) handleAuthCode(w http.ResponseWriter, r *http.Request, client s
code := r.PostFormValue("code")
redirectURI := r.PostFormValue("redirect_uri")
if code == "" {
s.tokenErrHelper(w, errInvalidRequest, `Required param: code.`, http.StatusBadRequest)
return
}
authCode, err := s.storage.GetAuthCode(code)
if err != nil || s.now().After(authCode.Expiry) || authCode.ClientID != client.ID {
if err != storage.ErrNotFound {
s.logger.Errorf("failed to get auth code: %v", err)
s.tokenErrHelper(w, errServerError, "", http.StatusInternalServerError)
} else {
s.tokenErrHelper(w, errInvalidRequest, "Invalid or expired code parameter.", http.StatusBadRequest)
s.tokenErrHelper(w, errInvalidGrant, "Invalid or expired code parameter.", http.StatusBadRequest)
}
return
}