Merge branch 'bugfix/missing-url-encoding-oauth-token-redirect' into 'develop'

Add missing URL encoding in create authorization redirect

See merge request pleroma/pleroma!338
This commit is contained in:
kaniini 2018-09-09 23:09:43 +00:00
commit 7b96d20328

View File

@ -39,15 +39,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do
}) })
else else
connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?" connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
url = "#{redirect_uri}#{connector}code=#{auth.token}" url = "#{redirect_uri}#{connector}"
url_params = %{:code => auth.token}
url = url_params =
if params["state"] do if params["state"] do
url <> "&state=#{params["state"]}" Map.put(url_params, :state, params["state"])
else else
url url_params
end end
url = "#{url}#{Plug.Conn.Query.encode(url_params)}"
redirect(conn, external: url) redirect(conn, external: url)
end end
end end