devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: make code_challenge optional

Browse Source
This commit is contained in:
Lakhan Samani 2022-10-18 23:14:24 +05:30
parent 7c2693b086
commit 252cd1fa2d
1 changed files with 1 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
server/handlers/authorize.go
View File

@ -64,7 +64,7 @@ func AuthorizeHandler() gin.HandlerFunc {
if err := validateAuthorizeRequest(responseType, responseMode, clientID, state, codeChallenge); err != nil { if err := validateAuthorizeRequest(responseType, responseMode, clientID, state, codeChallenge); err != nil {
log.Debug("invalid authorization request: ", err) log.Debug("invalid authorization request: ", err)
gc.JSON(http.StatusBadRequest, gin.H{"error": err}) gc.JSON(http.StatusBadRequest, gin.H{"error": err.Error()})
return return
} }
@ -270,10 +270,6 @@ func validateAuthorizeRequest(responseType, responseMode, clientID, state, codeC
return fmt.Errorf("invalid response mode %s. 'query', 'fragment', 'form_post' and 'web_message' are valid response_mode", responseMode) return fmt.Errorf("invalid response mode %s. 'query', 'fragment', 'form_post' and 'web_message' are valid response_mode", responseMode)
} }
if responseType == constants.ResponseTypeCode && strings.TrimSpace(codeChallenge) == "" {
return fmt.Errorf("code_challenge is required for %s '%s'", responseType, constants.ResponseTypeCode)
}
if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); client != clientID || err != nil { if client, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyClientID); client != clientID || err != nil {
return fmt.Errorf("invalid client_id %s", clientID) return fmt.Errorf("invalid client_id %s", clientID)
} }