llvy.ltd/casdoor
1
0
Fork 0
mirror of https://github.com/casdoor/casdoor.git synced 2025-05-23 10:45:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: oauth params null value error (#465)

Browse Source 
Signed-off-by: Steve0x2a <stevesough@gmail.com>
This commit is contained in:
Steve0x2a 2022-01-30 17:58:54 +08:00 committed by GitHub
parent 19ed35f964
commit d943d5cc61
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
controllers/auth.go
View File

@ -55,7 +55,7 @@ func (c *ApiController) HandleLoggedIn(application *object.Application, user *ob
challengeMethod := c.Input().Get("code_challenge_method")
codeChallenge := c.Input().Get("code_challenge")
if challengeMethod != "S256" && challengeMethod != "null" {
if challengeMethod != "S256" && challengeMethod != "null" && challengeMethod != "" {
c.ResponseError("Challenge method should be S256")
return
}

2
controllers/token.go
View File

@ -145,7 +145,7 @@ func (c *ApiController) GetOAuthCode() {
challengeMethod := c.Input().Get("code_challenge_method")
codeChallenge := c.Input().Get("code_challenge")
if challengeMethod != "S256" && challengeMethod != "null" {
if challengeMethod != "S256" && challengeMethod != "null" && challengeMethod != "" {
c.ResponseError("Challenge method should be S256")
return
}

22
web/src/auth/Util.js
View File

@ -75,18 +75,22 @@ export function renderMessageLarge(ths, msg) {
}
}
function getRefinedValue(value){
return (value === null)? "" : value
}
export function getOAuthGetParameters(params) {
const queries = (params !== undefined) ? params : new URLSearchParams(window.location.search);
const clientId = queries.get("client_id");
const responseType = queries.get("response_type");
const redirectUri = queries.get("redirect_uri");
const scope = queries.get("scope");
const state = queries.get("state");
const nonce = queries.get("nonce")
const challengeMethod = queries.get("code_challenge_method")
const codeChallenge = queries.get("code_challenge")
const clientId = getRefinedValue(queries.get("client_id"));
const responseType = getRefinedValue(queries.get("response_type"));
const redirectUri = getRefinedValue(queries.get("redirect_uri"));
const scope = getRefinedValue(queries.get("scope"));
const state = getRefinedValue(queries.get("state"));
const nonce = getRefinedValue(queries.get("nonce"))
const challengeMethod = getRefinedValue(queries.get("code_challenge_method"))
const codeChallenge = getRefinedValue(queries.get("code_challenge"))
if (clientId === undefined || clientId === null) {
if (clientId === undefined || clientId === null || clientId === "") {
// login
return null;
} else {