Prevent reuse of authorization code (#184)
This commit is contained in:
parent
8082b48b97
commit
0be124d3d7
@ -88,6 +88,7 @@ sub issuerForUnAuthUser {
|
|||||||
"error"
|
"error"
|
||||||
);
|
);
|
||||||
$self->returnJSONError("invalid_request");
|
$self->returnJSONError("invalid_request");
|
||||||
|
$codeSession->remove();
|
||||||
$self->quit;
|
$self->quit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -100,6 +101,7 @@ sub issuerForUnAuthUser {
|
|||||||
"Unable to find user session linked to OIDC session $code",
|
"Unable to find user session linked to OIDC session $code",
|
||||||
"error" );
|
"error" );
|
||||||
$self->returnJSONError("invalid_request");
|
$self->returnJSONError("invalid_request");
|
||||||
|
$codeSession->remove();
|
||||||
$self->quit;
|
$self->quit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -114,6 +116,7 @@ sub issuerForUnAuthUser {
|
|||||||
$self->lmLog( "Unable to create OIDC session for access_token",
|
$self->lmLog( "Unable to create OIDC session for access_token",
|
||||||
"error" );
|
"error" );
|
||||||
$self->returnJSONError("invalid_request");
|
$self->returnJSONError("invalid_request");
|
||||||
|
$codeSession->remove();
|
||||||
$self->quit;
|
$self->quit;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -171,6 +174,7 @@ sub issuerForUnAuthUser {
|
|||||||
|
|
||||||
$self->lmLog( "Token response sent", 'debug' );
|
$self->lmLog( "Token response sent", 'debug' );
|
||||||
|
|
||||||
|
$codeSession->remove();
|
||||||
$self->quit;
|
$self->quit;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user