diff options
| author | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2023-02-16 16:10:07 +0100 |
|---|---|---|
| committer | jwijenbergh <jeroenwijenbergh@protonmail.com> | 2023-02-16 16:10:07 +0100 |
| commit | 0981437192487a30e1ce9b2ed2b2a5fcd6812748 (patch) | |
| tree | 4a15b4adfbd6ddb2e4631d76782e9f25ecb2c285 /internal/oauth | |
| parent | 57705feadd598c9a14df53b83161b8f020731bd6 (diff) | |
OAuth: Make ISS required
Diffstat (limited to 'internal/oauth')
| -rw-r--r-- | internal/oauth/oauth.go | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/internal/oauth/oauth.go b/internal/oauth/oauth.go index 7200a95..6b42bc2 100644 --- a/internal/oauth/oauth.go +++ b/internal/oauth/oauth.go @@ -364,10 +364,9 @@ func writeResponseHTML(w http.ResponseWriter, title string, message string) erro // It returns the code and an error if there is one func (s *exchangeSession) Authcode(url *url.URL) (string, error) { // ISS: https://www.rfc-editor.org/rfc/rfc9207.html - // TODO: Make this a required parameter in the future q := url.Query() iss := q.Get("iss") - if iss != "" && s.ISS != iss { + if s.ISS != iss { return "", errors.Errorf("failed matching ISS; expected '%s' got '%s'", s.ISS, iss) } |