Skip to content
This repository
Browse code

PAUSE login fails - link in conf email gives me some JSON, refs CPAN-…

  • Loading branch information...
commit 92816c5af52ff6a8c8e4358e6ed69b1ef3df780e 1 parent 8f3d2d9
Moritz Onken authored September 08, 2011
2  inc/monken/p5-elasticsearch-model
... ...
@@ -1 +1 @@
1  
-Subproject commit cebf76929125d0895148deaa2007da61b0fad769
  1
+Subproject commit 65be0e1926d0e482c6b2d8de03e3f37cdec4a62f
4  lib/Catalyst/Plugin/OAuth2/Provider.pm
@@ -139,7 +139,9 @@ sub redirect {
139 139
         $c->res->cookies->{oauth_tmp} = $cid;
140 140
     }
141 141
     my ( $client, $redirect_uri ) = @$params{qw(client_id redirect_uri)};
142  
-    $redirect_uri = $self->clients->{$client}->{redirect_uri}->[0];
  142
+    # we don't trust the user's redirect uri
  143
+    $redirect_uri = $self->clients->{$client}->{redirect_uri}->[0]
  144
+        if($client);
143 145
 
144 146
     if ($redirect_uri) {
145 147
         $c->res->redirect( $redirect_uri . "?$type=$message" );
7  lib/MetaCPAN/Server/Controller/Login.pm
@@ -8,8 +8,11 @@ use JSON;
8 8
 sub auto : Private {
9 9
     my ( $self, $c ) = @_;
10 10
     if ( $c->req->params->{client_id} ) {
11  
-        $c->res->cookies->{oauth_tmp}
12  
-            = { value => encode_json( $c->req->parameters ), path => '/' };
  11
+        $c->res->cookies->{oauth_tmp} = {
  12
+            value   => encode_json( $c->req->parameters ),
  13
+            path    => '/',
  14
+            expires => '+7d'
  15
+        };
13 16
     }
14 17
     return 1;
15 18
 }

0 notes on commit 92816c5

Please sign in to comment.
Something went wrong with that request. Please try again.