More permissive redirect uris
This commit is contained in:
parent
819210ae86
commit
e0016b8305
@ -93,7 +93,7 @@ pub async fn authorize(user: CurrentUser, id: Identity, query: web::Query<Author
|
|||||||
};
|
};
|
||||||
|
|
||||||
let redirect_uri = query.redirect_uri.trim().to_string();
|
let redirect_uri = query.redirect_uri.trim().to_string();
|
||||||
if client.redirect_uri != redirect_uri {
|
if !redirect_uri.starts_with(&client.redirect_uri) {
|
||||||
return HttpResponse::BadRequest().body(FatalErrorPage {
|
return HttpResponse::BadRequest().body(FatalErrorPage {
|
||||||
message: "Redirect URI is invalid!"
|
message: "Redirect URI is invalid!"
|
||||||
}.render().unwrap());
|
}.render().unwrap());
|
||||||
|
Loading…
Reference in New Issue
Block a user