Skip to content
Permalink
Browse files

[oauth2] Don't check state value if state option was never set in

initial request

Some servers will not return an empty state, so we should not
require its existance if it was never used to start with.
  • Loading branch information
nyalldawson committed Oct 24, 2018
1 parent 7a982f5 commit 7cf415383a4d13a9ccc2b8ca382beea5cbb33889
Showing with 12 additions and 9 deletions.
  1. +12 −9 src/auth/oauth2/qgso2.cpp
@@ -251,21 +251,24 @@ void QgsO2::onVerificationReceived( QMap<QString, QString> response )
return;
}

if ( response.contains( QStringLiteral( "state" ) ) )
if ( !state_.isEmpty() )
{
if ( response.value( QStringLiteral( "state" ), QStringLiteral( "ignore" ) ) != state_ )
if ( response.contains( QStringLiteral( "state" ) ) )
{
QgsDebugMsgLevel( QStringLiteral( "QgsO2::onVerificationReceived: Verification failed: (Response returned wrong state)" ), 3 ) ;
if ( response.value( QStringLiteral( "state" ), QStringLiteral( "ignore" ) ) != state_ )
{
QgsDebugMsgLevel( QStringLiteral( "QgsO2::onVerificationReceived: Verification failed: (Response returned wrong state)" ), 3 ) ;
emit linkingFailed();
return;
}
}
else
{
QgsDebugMsgLevel( QStringLiteral( "QgsO2::onVerificationReceived: Verification failed: (Response does not contain state)" ), 3 );
emit linkingFailed();
return;
}
}
else
{
QgsDebugMsgLevel( QStringLiteral( "QgsO2::onVerificationReceived: Verification failed: (Response does not contain state)" ), 3 );
emit linkingFailed();
return;
}
// Save access code
setCode( response.value( QString( O2_OAUTH2_GRANT_TYPE_CODE ) ) );
}

0 comments on commit 7cf4153

Please sign in to comment.
You can’t perform that action at this time.