aboutsummaryrefslogtreecommitdiff
path: root/src/kyclogic
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2023-11-02 19:14:50 +0100
committerChristian Grothoff <christian@grothoff.org>2023-11-02 19:14:50 +0100
commit94a1e4f6b60a3d3561d57d3e371f88ba0e4bbc93 (patch)
tree56a572ffb65bb6c9924592384e32523437bfaa0b /src/kyclogic
parent713327e10549e82d9f3d6967bfd00d2d628aa259 (diff)
-fix redirect_uri construction for Oauth 2.0
Diffstat (limited to 'src/kyclogic')
-rw-r--r--src/kyclogic/plugin_kyclogic_oauth2.c18
1 files changed, 9 insertions, 9 deletions
diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c
index 65dcaf08d..7344ac43f 100644
--- a/src/kyclogic/plugin_kyclogic_oauth2.c
+++ b/src/kyclogic/plugin_kyclogic_oauth2.c
@@ -549,18 +549,18 @@ initiate_with_url (struct TALER_KYCLOGIC_InitiateHandle *ih,
char *redirect_uri;
GNUNET_asprintf (&redirect_uri,
- "%skyc-proof/%s?state=%s",
+ "%skyc-proof/%s",
ps->exchange_base_url,
- pd->section,
- hps);
+ pd->section);
redirect_uri_encoded = TALER_urlencode (redirect_uri);
GNUNET_free (redirect_uri);
}
GNUNET_asprintf (&url,
- "%s?response_type=code&client_id=%s&redirect_uri=%s",
+ "%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s",
authorize_url,
pd->client_id,
- redirect_uri_encoded);
+ redirect_uri_encoded,
+ hps);
GNUNET_free (redirect_uri_encoded);
}
ih->cb (ih->cb_cls,
@@ -1339,10 +1339,9 @@ oauth2_proof (void *cls,
char *redirect_uri;
GNUNET_asprintf (&redirect_uri,
- "%skyc-proof/%s?state=%s",
+ "%skyc-proof/%s",
ps->exchange_base_url,
- pd->section,
- hps);
+ pd->section);
redirect_uri_encoded = TALER_urlencode (redirect_uri);
GNUNET_free (redirect_uri);
}
@@ -1360,9 +1359,10 @@ oauth2_proof (void *cls,
0);
GNUNET_assert (NULL != authorization_code);
GNUNET_asprintf (&ph->post_body,
- "client_id=%s&redirect_uri=%s&client_secret=%s&code=%s&grant_type=authorization_code",
+ "client_id=%s&redirect_uri=%s&state=%s&client_secret=%s&code=%s&grant_type=authorization_code",
client_id,
redirect_uri_encoded,
+ hps,
client_secret,
authorization_code);
curl_free (authorization_code);