IntenseWebs/mattermost
3
0
Fork 0
mirror of https://github.com/mattermost/mattermost.git synced 2025-02-25 18:55:24 -06:00
Code Issues Packages Projects Releases Wiki Activity

Increase OAuth2 state parameter limit

Browse Source
This commit is contained in:
JoramWilander
2018-02-07 16:21:22 -05:00
parent 654fc2f749
commit 840892ab88
4 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
model/authorize.go
View File

@@ -62,7 +62,7 @@ func (ad *AuthData) IsValid() *AppError {
return NewAppError("AuthData.IsValid", "model.authorize.is_valid.redirect_uri.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
}
if len(ad.State) > 128 {
if len(ad.State) > 1024 {
return NewAppError("AuthData.IsValid", "model.authorize.is_valid.state.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
}

2
model/authorize_test.go
View File

@@ -115,7 +115,7 @@ func TestAuthIsValid(t *testing.T) {
t.Fatal(err)
}
ad.Scope = NewRandomString(129)
ad.Scope = NewRandomString(1025)
if err := ad.IsValid(); err == nil {
t.Fatal("Should have failed invalid Scope")
}