cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: check grant types and add refresh token to discovery

Browse source
This commit is contained in:
Livio Amstutz 2021-05-27 13:44:11 +02:00
parent 8e884bdb9f
commit 14faebbb77
11 changed files with 72 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

3
pkg/op/token_code.go
View file

@ -53,6 +53,9 @@ func ValidateAccessTokenRequest(ctx context.Context, tokenReq *oidc.AccessTokenR
if client.GetID() != authReq.GetClientID() {
return nil, nil, ErrInvalidRequest("invalid auth code")
}
if !ValidateGrantType(client, oidc.GrantTypeCode) {
return nil, nil, ErrInvalidRequest("invalid_grant")
}
if tokenReq.RedirectURI != authReq.GetRedirectURI() {
return nil, nil, ErrInvalidRequest("redirect_uri does not correspond")
}