From fcb450380f5f6561e6a65762b59e41660408592f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?C=C3=B4me=20Chilliet?= <come.chilliet@nextcloud.com>
Date: Thu, 19 Mar 2026 11:50:46 +0100
Subject: [PATCH] fix(oauth2): Add missing urlencode for failure redirection
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
---
 apps/oauth2/lib/Controller/LoginRedirectorController.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/oauth2/lib/Controller/LoginRedirectorController.php b/apps/oauth2/lib/Controller/LoginRedirectorController.php
index 7dbe6d902e477..b6bfb070441ef 100644
--- a/apps/oauth2/lib/Controller/LoginRedirectorController.php
+++ b/apps/oauth2/lib/Controller/LoginRedirectorController.php
@@ -89,7 +89,7 @@ public function authorize($client_id,
 
 		if ($response_type !== 'code') {
 			//Fail
-			$url = $client->getRedirectUri() . '?error=unsupported_response_type&state=' . $state;
+			$url = $client->getRedirectUri() . '?error=unsupported_response_type&state=' . \urlencode($state);
 			return new RedirectResponse($url);
 		}