Do not redirect on unauthorized OIDC redirection URI (#1142)
This commit is contained in:
parent
a865cea016
commit
53014dd483
|
@ -330,15 +330,7 @@ sub run {
|
|||
unless ($redirect_uri_allowed) {
|
||||
$self->lmLog( "Redirect URI $redirect_uri not allowed",
|
||||
'error' );
|
||||
return $self->returnRedirectError(
|
||||
$req,
|
||||
$oidc_request->{'redirect_uri'},
|
||||
"invalid_request",
|
||||
"redirect_uri $redirect_uri not allowed",
|
||||
undef,
|
||||
$oidc_request->{'state'},
|
||||
( $flow ne "authorizationcode" )
|
||||
);
|
||||
return PE_BADURL;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user