From cc23784df884790fc4b8c8ceefbb8f2593030afa Mon Sep 17 00:00:00 2001
From: Lakhan Samani <lakhan.m.samani@gmail.com>
Date: Wed, 19 Oct 2022 12:01:34 +0530
Subject: [PATCH] fix: add code to login query params

---
 server/handlers/authorize.go | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/server/handlers/authorize.go b/server/handlers/authorize.go
index 53c357f..d9cc5a5 100644
--- a/server/handlers/authorize.go
+++ b/server/handlers/authorize.go
@@ -77,8 +77,11 @@ func AuthorizeHandler() gin.HandlerFunc {
 			"redirect_uri":   redirectURI,
 		})
 
+		code := uuid.New().String()
+		memorystore.Provider.SetState(codeChallenge, code)
+
 		// used for response mode query or fragment
-		loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI
+		loginState := "state=" + state + "&scope=" + strings.Join(scope, " ") + "&redirect_uri=" + redirectURI + "&code=" + code
 		loginURL := "/app?" + loginState
 
 		if responseMode == constants.ResponseModeFragment {
@@ -155,7 +158,6 @@ func AuthorizeHandler() gin.HandlerFunc {
 			return
 		}
 
-		code := uuid.New().String()
 		if err := memorystore.Provider.SetState(codeChallenge, code+"@"+newSessionToken); err != nil {
 			log.Debug("SetState failed: ", err)
 			handleResponse(gc, responseMode, loginURL, redirectURI, loginError, http.StatusOK)