From f2999ba53efb407cb809b818b4535227444bceff Mon Sep 17 00:00:00 2001 From: Niko Abeler Date: Mon, 7 Nov 2022 20:00:18 +0100 Subject: [PATCH] iss param --- cmd/owl/web/auth_test.go | 1 + cmd/owl/web/handler.go | 3 ++- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/cmd/owl/web/auth_test.go b/cmd/owl/web/auth_test.go index 844b598..78ea651 100644 --- a/cmd/owl/web/auth_test.go +++ b/cmd/owl/web/auth_test.go @@ -69,6 +69,7 @@ func TestAuthPostCorrectPassword(t *testing.T) { assertions.AssertStatus(t, rr, http.StatusFound) assertions.AssertContains(t, rr.Header().Get("Location"), "code=") assertions.AssertContains(t, rr.Header().Get("Location"), "state=test_state") + assertions.AssertContains(t, rr.Header().Get("Location"), "iss="+user.FullUrl()) assertions.AssertContains(t, rr.Header().Get("Location"), "http://example.com/response") } diff --git a/cmd/owl/web/handler.go b/cmd/owl/web/handler.go index 0bf1d22..10e7d36 100644 --- a/cmd/owl/web/handler.go +++ b/cmd/owl/web/handler.go @@ -394,8 +394,9 @@ func userAuthVerifyHandler(repo *owl.Repository) func(http.ResponseWriter, *http } http.Redirect(w, r, fmt.Sprintf( - "%s?code=%s&state=%s", + "%s?code=%s&state=%s&iss=%s", redirect_uri, code, state, + user.AuthUrl(), ), http.StatusFound, )