auth

Paddy 2014-11-02 Parent:c29c7df35905 Child:55d5107e8805

65:f97ca45d5657 Go to Latest

auth/http.go

Fix bug with response_type redirect, add tests. Test that we redirect with an error when an invalid response_type is supplied. Fix a bug that would not add any of our parameters to the redirect URL.

Download raw file
View source Diff to previous Annotate
History 
     1.1 --- a/http.go	Sun Nov 02 22:28:49 2014 -0500
     1.2 +++ b/http.go	Sun Nov 02 23:01:02 2014 -0500
     1.3 @@ -107,8 +107,10 @@
     1.4  	scope := r.URL.Query().Get("scope")
     1.5  	state := r.URL.Query().Get("state")
     1.6  	if r.URL.Query().Get("response_type") != "code" {
     1.7 -		redirectURL.Query().Add("error", "invalid_request")
     1.8 -		redirectURL.Query().Add("state", state)
     1.9 +		q := redirectURL.Query()
    1.10 +		q.Add("error", "invalid_request")
    1.11 +		q.Add("state", state)
    1.12 +		redirectURL.RawQuery = q.Encode()
    1.13  		http.Redirect(w, r, redirectURL.String(), http.StatusFound)
    1.14  		return
    1.15  	}