Track oidc authorizations by app, not client
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing

This commit is contained in:
Garrett Mills 2021-04-15 13:50:48 -05:00
parent d1312fe627
commit 3301a48750
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
2 changed files with 4 additions and 4 deletions

View File

@ -176,7 +176,7 @@ class OpenIDController extends Controller {
{
text: req.T('common.grant'),
action: 'redirect',
next: `/openid/grant-and-save/${params.client_id}/${uid.toLowerCase()}`,
next: `/openid/grant-and-save/${application.id}/${uid.toLowerCase()}`,
},
{
text: req.T('common.grant_once'),
@ -189,9 +189,9 @@ class OpenIDController extends Controller {
}
async grant_and_save(req, res, next) {
if ( !req.user.has_authorized({ client_id: req.params.client_id }) ) {
if ( !req.user.has_authorized({ client_id: req.params.app_id }) ) {
req.user.authorize({
client_id: req.params.client_id,
client_id: req.params.app_id,
api_scopes: ['openid-connect'],
})

View File

@ -7,7 +7,7 @@ const openid = {
],
get: {
'/grant-and-save/:client_id/:uid': [
'/grant-and-save/:app_id/:uid': [
'middleware::auth:UserOnly', 'controller::OpenID.grant_and_save',
],
'/interaction/:uid': [