From 1b5d85a4ca6786f2c63a38716347a0bf26f51bed Mon Sep 17 00:00:00 2001
From: Sergej Nikolaev
Date: Fri, 4 Oct 2019 19:56:30 +0300
Subject: fix oauth client redirect
Signed-off-by: Sergej Nikolaev
---
 core/Controller/ClientFlowLoginController.php | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
(limited to 'core')
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index f049f282ce8..bffedf19224 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -196,7 +196,11 @@ class ClientFlowLoginController extends Controller {
 $this->session->set(self::stateName, $stateToken);
 $csp = new Http\ContentSecurityPolicy();
- $csp->addAllowedFormActionDomain('nc://*');
+ if ($client) {
+ $csp->addAllowedFormActionDomain($client->getRedirectUri());
+ } else {
+ $csp->addAllowedFormActionDomain('nc://*');
+ }
 $response = new StandaloneTemplateResponse(
 $this->appName,
@@ -241,7 +245,11 @@ class ClientFlowLoginController extends Controller {
 }
 $csp = new Http\ContentSecurityPolicy();
- $csp->addAllowedFormActionDomain('nc://*');
+ if ($client) {
+ $csp->addAllowedFormActionDomain($client->getRedirectUri());
+ } else {
+ $csp->addAllowedFormActionDomain('nc://*');
+ }
 $response = new StandaloneTemplateResponse(
 $this->appName,
--
cgit v1.2.3
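Review bot: The registered redirect URI is written verbatim into the `form-action` directive at `$csp->addAllowedFormActionDomain($client->getRedirectUri());`, and nothing visible in this hunk checks that it is a well-formed CSP source expression. If the policy builder does not validate or escape its argument (not visible here), a URI containing whitespace, `;` or `,` would yield a malformed or wider policy than intended, and a query string is not valid in a source expression at all. Consider reducing the value to scheme, host and port before adding it, or rejecting such characters when the client is registered, and record the assumption in a comment such as `// redirect URI comes from the registered OAuth client and is emitted as-is into form-action`. The same block is repeated in the hunk at -241,7, so a small private helper would keep the two in step; `$client` is assigned outside both hunks and the enclosing methods continue beyond them.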