diff options
author | Christian Grothoff <christian@grothoff.org> | 2023-01-16 18:59:28 +0100 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2023-01-16 18:59:28 +0100 |
commit | 9091c32c0f2306a0b125951f5f4caa029001705d (patch) | |
tree | 2ea923b4ba204c287b61411ac70736eb41d936c9 /src | |
parent | 190a1b68b0a952b5e96ced4824628aa1669e060b (diff) |
move state to inner URL
Diffstat (limited to 'src')
-rw-r--r-- | src/kyclogic/plugin_kyclogic_oauth2.c | 22 |
1 files changed, 10 insertions, 12 deletions
diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c index 259217ce8..5709b18f8 100644 --- a/src/kyclogic/plugin_kyclogic_oauth2.c +++ b/src/kyclogic/plugin_kyclogic_oauth2.c @@ -474,17 +474,17 @@ initiate_task (void *cls) hps = GNUNET_STRINGS_data_to_string_alloc (&ih->h_payto, sizeof (ih->h_payto)); GNUNET_asprintf (&redirect_uri, - "%skyc-proof/%s", + "%skyc-proof/%s?state=%s", ps->exchange_base_url, - pd->section); + pd->section, + hps); redirect_uri_encoded = TALER_urlencode (redirect_uri); GNUNET_free (redirect_uri); GNUNET_asprintf (&url, - "%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s", + "%s?response_type=code&client_id=%s&redirect_uri=%s", pd->login_url, pd->client_id, - redirect_uri_encoded, - hps); + redirect_uri_encoded); GNUNET_free (redirect_uri_encoded); ih->cb (ih->cb_cls, TALER_EC_NONE, @@ -1012,21 +1012,19 @@ oauth2_proof (void *cls, char *redirect_uri; char *client_secret; char *authorization_code; - char *redirect_uri_encoded; char *hps; hps = GNUNET_STRINGS_data_to_string_alloc (&ph->h_payto, sizeof (ph->h_payto)); - GNUNET_asprintf (&redirect_uri, - "%skyc-proof/%s", + "%skyc-proof/%s?state=%s", ps->exchange_base_url, - pd->section); + pd->section, + hps); redirect_uri_encoded = TALER_urlencode (redirect_uri); GNUNET_free (redirect_uri); GNUNET_assert (NULL != redirect_uri_encoded); - client_id = curl_easy_escape (ph->eh, pd->client_id, 0); @@ -1047,8 +1045,8 @@ oauth2_proof (void *cls, authorization_code); curl_free (authorization_code); curl_free (client_secret); - curl_free (redirect_uri_encoded); - curl_free (hps); + GNUNET_free (redirect_uri_encoded); + GNUNET_free (hps); curl_free (client_id); } GNUNET_assert (CURLE_OK == |