summaryrefslogtreecommitdiffstats
path: root/core/Controller
diff options
context:
space:
mode:
Diffstat (limited to 'core/Controller')
-rw-r--r--core/Controller/ClientFlowLoginController.php14
1 files changed, 11 insertions, 3 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index bffedf19224..ba594469a7f 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -6,6 +6,7 @@
* @author Lukas Reschke <lukas@statuscode.ch>
* @author Morris Jobke <hey@morrisjobke.de>
* @author Roeland Jago Douma <roeland@famdouma.nl>
+ * @author Russell Ault <russell@auksnest.ca>
*
* @license GNU AGPL version 3 or any later version
*
@@ -337,9 +338,16 @@ class ClientFlowLoginController extends Controller {
$accessToken->setTokenId($generatedToken->getId());
$this->accessTokenMapper->insert($accessToken);
- $redirectUri = sprintf(
- '%s?state=%s&code=%s',
- $client->getRedirectUri(),
+ $redirectUri = $client->getRedirectUri();
+
+ if (parse_url($redirectUri, PHP_URL_QUERY)) {
+ $redirectUri .= '&';
+ } else {
+ $redirectUri .= '?';
+ }
+
+ $redirectUri .= sprintf(
+ 'state=%s&code=%s',
urlencode($this->session->get('oauth.state')),
urlencode($code)
);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-06 06:22:37 +0000