Check for error response in code exchange
This checks to see if we get a response with a populated `error` field in exchangeOauthCode(). If so, we return that error message as an error, to ensure the callback logic doesn't continue with a bad response. Ref T705
This commit is contained in:
Matt Baer
parent
39d0f1de98
commit
6bcc4cfa46
6
oauth.go
6
oauth.go
|
|
@ -25,6 +25,7 @@ type TokenResponse struct {
|
|||
ExpiresIn int `json:"expires_in"`
|
||||
RefreshToken string `json:"refresh_token"`
|
||||
TokenType string `json:"token_type"`
|
||||
Error string `json:"error"`
|
||||
}
|
||||
|
||||
// InspectResponse contains data returned when an access token is inspected.
|
||||
|
|
@ -224,6 +225,11 @@ func (h oauthHandler) exchangeOauthCode(ctx context.Context, code string) (*Toke
|
|||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
// Check the response for an error message, and return it if there is one.
|
||||
if tokenResponse.Error != "" {
|
||||
return nil, fmt.Errorf(tokenResponse.Error)
|
||||
}
|
||||
return &tokenResponse, nil
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue