commit
3b6030346f
|
@ -36,17 +36,18 @@ class Authorize extends BaseApi
|
||||||
], $request);
|
], $request);
|
||||||
|
|
||||||
if ($request['response_type'] != 'code') {
|
if ($request['response_type'] != 'code') {
|
||||||
Logger::warning('Unsupported or missing response type', ['request' => $_REQUEST]);
|
Logger::warning('Unsupported or missing response type', ['request' => $request]);
|
||||||
$this->logAndJsonError(422, $this->errorFactory->UnprocessableEntity($this->t('Unsupported or missing response type')));
|
$this->logAndJsonError(422, $this->errorFactory->UnprocessableEntity($this->t('Unsupported or missing response type')));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (empty($request['client_id']) || empty($request['redirect_uri'])) {
|
if (empty($request['client_id']) || empty($request['redirect_uri'])) {
|
||||||
Logger::warning('Incomplete request data', ['request' => $_REQUEST]);
|
Logger::warning('Incomplete request data', ['request' => $request]);
|
||||||
$this->logAndJsonError(422, $this->errorFactory->UnprocessableEntity($this->t('Incomplete request data')));
|
$this->logAndJsonError(422, $this->errorFactory->UnprocessableEntity($this->t('Incomplete request data')));
|
||||||
}
|
}
|
||||||
|
|
||||||
$application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
|
$application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
|
||||||
if (empty($application)) {
|
if (empty($application)) {
|
||||||
|
Logger::warning('An application could not be fetched.', ['request' => $request]);
|
||||||
$this->logAndJsonError(422, $this->errorFactory->UnprocessableEntity());
|
$this->logAndJsonError(422, $this->errorFactory->UnprocessableEntity());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
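Review bot: The three warnings in this section pass the whole `$request` array as log context, and that array appears to carry `client_secret`, since the `OAuth::getApplication` call just above the new 'An application could not be fetched.' warning reads `$request['client_secret']`. Every rejected authorization attempt would then write the client's secret into the log, where it is readable by anyone with log access for as long as the logs are retained. Log only the non-secret fields, e.g. `['client_id' => $request['client_id'], 'redirect_uri' => $request['redirect_uri']]`, or remove `client_secret` from a copy of the array before logging. The enclosing method starts and ends outside the hunk, so any filtering of `$request` elsewhere is not visible here.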
@ -131,6 +131,7 @@ class OAuth
|
||||||
|
|
||||||
// The redirect_uri could contain several URI that are separated by spaces.
|
// The redirect_uri could contain several URI that are separated by spaces.
|
||||||
if (($application['redirect_uri'] != $redirect_uri) && !in_array($redirect_uri, explode(' ', $application['redirect_uri']))) {
|
if (($application['redirect_uri'] != $redirect_uri) && !in_array($redirect_uri, explode(' ', $application['redirect_uri']))) {
|
||||||
|
Logger::warning('Redirection uri does not match', ['redirect_uri' => $redirect_uri, 'application-redirect_uri' => $application['redirect_uri']]);
|
||||||
return [];
|
return [];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
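Review bot: The redirect_uri check that the new warning reports on compares loosely: `!=` and `in_array()` without the strict flag both use PHP's type-juggling equality, under which numeric-looking strings are compared as numbers. An OAuth redirect check should be an exact string match, so `!==` and `in_array($redirect_uri, explode(' ', $application['redirect_uri']), true)` are the safer form. The practical impact is probably small because registered URIs are rarely numeric strings, but strict comparison removes the question entirely. The function starts and ends outside the hunk.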