diff options
author | Christian Grothoff <christian@grothoff.org> | 2023-11-02 19:14:50 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2023-11-02 19:14:50 +0100 |
commit | 94a1e4f6b60a3d3561d57d3e371f88ba0e4bbc93 (patch) | |
tree | 56a572ffb65bb6c9924592384e32523437bfaa0b | |
parent | 713327e10549e82d9f3d6967bfd00d2d628aa259 (diff) |
-fix redirect_uri construction for Oauth 2.0
-rw-r--r-- | src/kyclogic/plugin_kyclogic_oauth2.c | 18 | ||||
-rw-r--r-- | src/testing/testing_api_cmd_oauth.c | 2 |
2 files changed, 10 insertions, 10 deletions
diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c index 65dcaf08d..7344ac43f 100644 --- a/src/kyclogic/plugin_kyclogic_oauth2.c +++ b/src/kyclogic/plugin_kyclogic_oauth2.c @@ -549,18 +549,18 @@ initiate_with_url (struct TALER_KYCLOGIC_InitiateHandle *ih, char *redirect_uri; GNUNET_asprintf (&redirect_uri, - "%skyc-proof/%s?state=%s", + "%skyc-proof/%s", ps->exchange_base_url, - pd->section, - hps); + pd->section); redirect_uri_encoded = TALER_urlencode (redirect_uri); GNUNET_free (redirect_uri); } GNUNET_asprintf (&url, - "%s?response_type=code&client_id=%s&redirect_uri=%s", + "%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s", authorize_url, pd->client_id, - redirect_uri_encoded); + redirect_uri_encoded, + hps); GNUNET_free (redirect_uri_encoded); } ih->cb (ih->cb_cls, @@ -1339,10 +1339,9 @@ oauth2_proof (void *cls, char *redirect_uri; GNUNET_asprintf (&redirect_uri, - "%skyc-proof/%s?state=%s", + "%skyc-proof/%s", ps->exchange_base_url, - pd->section, - hps); + pd->section); redirect_uri_encoded = TALER_urlencode (redirect_uri); GNUNET_free (redirect_uri); } @@ -1360,9 +1359,10 @@ oauth2_proof (void *cls, 0); GNUNET_assert (NULL != authorization_code); GNUNET_asprintf (&ph->post_body, - "client_id=%s&redirect_uri=%s&client_secret=%s&code=%s&grant_type=authorization_code", + "client_id=%s&redirect_uri=%s&state=%s&client_secret=%s&code=%s&grant_type=authorization_code", client_id, redirect_uri_encoded, + hps, client_secret, authorization_code); curl_free (authorization_code); diff --git a/src/testing/testing_api_cmd_oauth.c b/src/testing/testing_api_cmd_oauth.c index b086d2297..17f0eaa68 100644 --- a/src/testing/testing_api_cmd_oauth.c +++ b/src/testing/testing_api_cmd_oauth.c @@ -1,6 +1,6 @@ /* This file is part of TALER - Copyright (C) 2021 Taler Systems SA + Copyright (C) 2021-2023 Taler Systems SA TALER is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as |