authorRoeland Jago Douma <roeland@famdouma.nl>2018-05-16 11:24:48 +0200
committerRoeland Jago Douma <roeland@famdouma.nl>2018-05-22 14:51:03 +0200
commita04ea70fcaedc602fa3e8aeb77dadab5506f1786 (patch)
tree450b9bab4af6aef8e203b4d6ad3e8807f14fc3f5 /apps/oauth2/lib
parent000cf1951c9e5a7090b16df7613139c3b8313e1e (diff)
Fail if the response type is not properly set
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
Diffstat (limited to 'apps/oauth2/lib')
-rw-r--r--apps/oauth2/lib/Controller/LoginRedirectorController.php11
1 files changed, 10 insertions, 1 deletions
diff --git a/apps/oauth2/lib/Controller/LoginRedirectorController.php b/apps/oauth2/lib/Controller/LoginRedirectorController.php
index 9237b4b1b3c..8e6d6d55e2d 100644
--- a/apps/oauth2/lib/Controller/LoginRedirectorController.php
+++ b/apps/oauth2/lib/Controller/LoginRedirectorController.php
@@ -61,11 +61,20 @@ class LoginRedirectorController extends Controller {
*
* @param string $client_id
* @param string $state
+ * @param string $response_type
* @return RedirectResponse
*/
public function authorize($client_id,
- $state) {
+ $state,
+ $response_type) {
$client = $this->clientMapper->getByIdentifier($client_id);
+
+ if ($response_type !== 'code') {
+ //Fail
+ $url = $client->getRedirectUri() . '?error=unsupported_response_type&state=' . $state;
+ return new RedirectResponse($url);
+ }
+
$this->session->set('oauth.state', $state);
$targetUrl = $this->urlGenerator->linkToRouteAbsolute(