aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2023-01-16 18:59:28 +0100
committerChristian Grothoff <christian@grothoff.org>2023-01-16 18:59:28 +0100
commit9091c32c0f2306a0b125951f5f4caa029001705d (patch)
tree2ea923b4ba204c287b61411ac70736eb41d936c9 /src
parent190a1b68b0a952b5e96ced4824628aa1669e060b (diff)
move state to inner URL
Diffstat (limited to 'src')
-rw-r--r--src/kyclogic/plugin_kyclogic_oauth2.c22
1 files changed, 10 insertions, 12 deletions
diff --git a/src/kyclogic/plugin_kyclogic_oauth2.c b/src/kyclogic/plugin_kyclogic_oauth2.c
index 259217ce8..5709b18f8 100644
--- a/src/kyclogic/plugin_kyclogic_oauth2.c
+++ b/src/kyclogic/plugin_kyclogic_oauth2.c
@@ -474,17 +474,17 @@ initiate_task (void *cls)
hps = GNUNET_STRINGS_data_to_string_alloc (&ih->h_payto,
sizeof (ih->h_payto));
GNUNET_asprintf (&redirect_uri,
- "%skyc-proof/%s",
+ "%skyc-proof/%s?state=%s",
ps->exchange_base_url,
- pd->section);
+ pd->section,
+ hps);
redirect_uri_encoded = TALER_urlencode (redirect_uri);
GNUNET_free (redirect_uri);
GNUNET_asprintf (&url,
- "%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s",
+ "%s?response_type=code&client_id=%s&redirect_uri=%s",
pd->login_url,
pd->client_id,
- redirect_uri_encoded,
- hps);
+ redirect_uri_encoded);
GNUNET_free (redirect_uri_encoded);
ih->cb (ih->cb_cls,
TALER_EC_NONE,
@@ -1012,21 +1012,19 @@ oauth2_proof (void *cls,
char *redirect_uri;
char *client_secret;
char *authorization_code;
-
char *redirect_uri_encoded;
char *hps;
hps = GNUNET_STRINGS_data_to_string_alloc (&ph->h_payto,
sizeof (ph->h_payto));
-
GNUNET_asprintf (&redirect_uri,
- "%skyc-proof/%s",
+ "%skyc-proof/%s?state=%s",
ps->exchange_base_url,
- pd->section);
+ pd->section,
+ hps);
redirect_uri_encoded = TALER_urlencode (redirect_uri);
GNUNET_free (redirect_uri);
GNUNET_assert (NULL != redirect_uri_encoded);
-
client_id = curl_easy_escape (ph->eh,
pd->client_id,
0);
@@ -1047,8 +1045,8 @@ oauth2_proof (void *cls,
authorization_code);
curl_free (authorization_code);
curl_free (client_secret);
- curl_free (redirect_uri_encoded);
- curl_free (hps);
+ GNUNET_free (redirect_uri_encoded);
+ GNUNET_free (hps);
curl_free (client_id);
}
GNUNET_assert (CURLE_OK ==