diff options
Diffstat (limited to 'internal/oauth')
| -rw-r--r-- | internal/oauth/oauth.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/internal/oauth/oauth.go b/internal/oauth/oauth.go index f1cc9fe..d7da299 100644 --- a/internal/oauth/oauth.go +++ b/internal/oauth/oauth.go @@ -369,7 +369,7 @@ func (s *exchangeSession) Authcode(url *url.URL) (string, error) { // first check ISS iss := q.Get("iss") - if s.ISS != iss { + if s.ISS != "" && s.ISS != iss { return "", errors.Errorf("failed matching ISS; expected '%s' got '%s'", s.ISS, iss) } // Make sure the state is present and matches to protect against cross-site request forgeries |