Fail if the response type is not properly set
Signed-off-by: Roeland Jago Douma <roeland@famdouma.nl>
This commit is contained in:
parent
1525cc286c
commit
aa78c30666
|
@ -61,11 +61,20 @@ class LoginRedirectorController extends Controller {
|
||||||
*
|
*
|
||||||
* @param string $client_id
|
* @param string $client_id
|
||||||
* @param string $state
|
* @param string $state
|
||||||
|
* @param string $response_type
|
||||||
* @return RedirectResponse
|
* @return RedirectResponse
|
||||||
*/
|
*/
|
||||||
public function authorize($client_id,
|
public function authorize($client_id,
|
||||||
$state) {
|
$state,
|
||||||
|
$response_type) {
|
||||||
$client = $this->clientMapper->getByIdentifier($client_id);
|
$client = $this->clientMapper->getByIdentifier($client_id);
|
||||||
|
|
||||||
|
if ($response_type !== 'code') {
|
||||||
|
//Fail
|
||||||
|
$url = $client->getRedirectUri() . '?error=unsupported_response_type&state=' . $state;
|
||||||
|
return new RedirectResponse($url);
|
||||||
|
}
|
||||||
|
|
||||||
$this->session->set('oauth.state', $state);
|
$this->session->set('oauth.state', $state);
|
||||||
|
|
||||||
$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
|
$targetUrl = $this->urlGenerator->linkToRouteAbsolute(
|
||||||
|
|
Loading…
Reference in New Issue