Preserve state in oauth

2017-09-14 09:29:51 +02:00 · 2017-09-14 09:29:51 +02:00 · ac3f32da7e
commit ac3f32da7e
parent a8701282d4
2 changed files with 8 additions and 1 deletions
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@ -10,7 +10,8 @@ def authorize(conn, params) do
      response_type: params["response_type"],
      client_id: params["client_id"],
      scope: params["scope"],
-      redirect_uri: params["redirect_uri"]
+      redirect_uri: params["redirect_uri"],
+      state: params["state"]
    }
  end

@ -25,6 +26,11 @@ def create_authorization(conn, %{"authorization" => %{"name" => name, "password"
        }
      else
        url = "#{redirect_uri}?code=#{auth.token}"
+        url = if params["state"] do
+          url <> "&state=#{params["state"]}"
+        else
+          url
+        end
        redirect(conn, external: url)
      end
    end
--- a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
@ -10,5 +10,6 @@
 <%= hidden_input f, :response_type, value: @response_type %>
 <%= hidden_input f, :redirect_uri, value: @redirect_uri %>
 <%= hidden_input f, :scope, value: @scope %>
+<%= hidden_input f, :state, value: @state%>
 <%= submit "Authorize" %>
 <% end %>