|
|
@@ -9,10 +9,12 @@ const oAuthState = require('../helpers/oauth-state')
|
|
|
* @param {object} res
|
|
|
*/
|
|
|
module.exports = function oauthRedirect (req, res) {
|
|
|
- if (!req.query.state) {
|
|
|
- return res.status(400).send('Cannot find state param in reques')
|
|
|
+ const dynamic = (req.session.grant || {}).dynamic || {}
|
|
|
+ const state = dynamic.state
|
|
|
+ if (!state) {
|
|
|
+ return res.status(400).send('Cannot find state in session')
|
|
|
}
|
|
|
- const handler = oAuthState.getFromState(req.query.state, 'companionInstance', req.companion.options.secret)
|
|
|
+ const handler = oAuthState.getFromState(state, 'companionInstance', req.companion.options.secret)
|
|
|
const handlerHostName = parseUrl(handler).host
|
|
|
|
|
|
if (hasMatch(handlerHostName, req.companion.options.server.validHosts)) {
|
ifedapoolarewaju