From 06a8df3bb8e1881a93f0ae65bfb7cc5246b988ce Mon Sep 17 00:00:00 2001 From: Peter Stuifzand Date: Wed, 25 Jul 2018 13:51:00 +0200 Subject: [PATCH] Check if grant_type is used in token_endpoint --- cmd/eksterd/http.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cmd/eksterd/http.go b/cmd/eksterd/http.go index 05d015d..093be21 100644 --- a/cmd/eksterd/http.go +++ b/cmd/eksterd/http.go @@ -559,7 +559,12 @@ func (h *mainHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { http.Redirect(w, r, redirectURI.String(), 302) return } else if r.URL.Path == "/auth/token" { - //grantType := r.FormValue("grant_type") + grantType := r.FormValue("grant_type") + if grantType != "authorization_code" { + w.WriteHeader(400) + fmt.Fprintf(w, "ERROR: grant_type is not set to %q", "authorization_code") + return + } code := r.FormValue("code") //clientID := r.FormValue("client_id") //redirectURI := r.FormValue("redirect_uri")