dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix #2622

Browse Source
This commit is contained in:
Maxime Besson 2021-09-24 12:54:30 +02:00
parent ba77f2095d
commit b21500122d
2 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
View File

@ -1100,6 +1100,13 @@ sub _handleClientCredentialsGrant {
my $req_scope = $req->param('scope') || '';
my $scope = $self->getScope( $req, $rp, $req_scope );
unless ($scope) {
$self->userLogger->warn( 'Client '
. $client_id
. " was not granted any requested scopes ($req_scope) for $rp" );
return $self->sendOIDCError( $req, 'invalid_scope', 403 );
}
my $infos = {
$self->conf->{whatToTrace} => $client_id,
_clientId => $client_id,
@ -1228,6 +1235,12 @@ sub _handlePasswordGrant {
# Resolve scopes
my $scope = $self->getScope( $req, $rp, $req_scope );
unless ($scope) {
$self->userLogger->warn( 'User '
. $req->sessionInfo->{ $self->conf->{whatToTrace} }
. " was not granted any requested scopes ($req_scope) for $rp" );
return $self->sendOIDCError( $req, 'invalid_scope', 403 );
}
my $user_id = $self->getUserIDForRP( $req, $rp, $req->sessionInfo );

5
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
View File

@ -1546,7 +1546,10 @@ sub getScope {
}
$self->p->processHook( $req, 'oidcResolveScope', \@scope_values, $rp );
return join( ' ', @scope_values );
my $scope_str = join( ' ', @scope_values );
$self->logger->debug("Resolved scopes: $scope_str");
return $scope_str;
}
# Return Hash of UserInfo data