From 0981437192487a30e1ce9b2ed2b2a5fcd6812748 Mon Sep 17 00:00:00 2001
From: jwijenbergh
Date: Thu, 16 Feb 2023 16:10:07 +0100
Subject: OAuth: Make ISS required
---
 internal/oauth/oauth.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
(limited to 'internal/oauth')
diff --git a/internal/oauth/oauth.go b/internal/oauth/oauth.go
index 7200a95..6b42bc2 100644
--- a/internal/oauth/oauth.go
+++ b/internal/oauth/oauth.go
@@ -364,10 +364,9 @@ func writeResponseHTML(w http.ResponseWriter, title string, message string) erro
 // It returns the code and an error if there is one
 func (s *exchangeSession) Authcode(url *url.URL) (string, error) {
 // ISS: https://www.rfc-editor.org/rfc/rfc9207.html
- // TODO: Make this a required parameter in the future
 q := url.Query()
 iss := q.Get("iss")
- if iss != "" && s.ISS != iss {
+ if s.ISS != iss {
 return "", errors.Errorf("failed matching ISS; expected '%s' got '%s'", s.ISS, iss)
 }
--
cgit v1.2.3
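Review bot: The new check `if s.ISS != iss {` still accepts a callback that carries no `iss` whenever `s.ISS` is itself empty, because `q.Get("iss")` returns `""` for a missing parameter and the two empty strings compare equal. Whether `s.ISS` can be empty is not visible in this hunk; if a session can be created without an issuer, the RFC 9207 check silently does nothing for that session. Rejecting the empty value explicitly makes the requirement hold regardless of how the session was populated: `if iss == "" || s.ISS != iss {`. With the TODO removed, the remaining comment could state the new contract, for example `// ISS is required and must equal the issuer stored for this session (RFC 9207)`. Authcode's body continues outside the hunk.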