OAuth2: Treat empty parameter as no parameter

2024-11-10 01:23:48 +01:00 · 2023-12-16 22:05:52 +00:00 · 2023-12-16 22:05:52 +00:00 · 44cf1623c5
commit 44cf1623c5
parent d69331796b
1 changed files with 10 additions and 10 deletions
--- a/app/blueprints/oauth/init.py
+++ b/app/blueprints/oauth/init.py
@ -51,12 +51,12 @@ def oauth_start():
 	if response_type != "code":
 		return "Unsupported response_type, only code is supported", 400
-	client_id = request.args.get("client_id")
+	client_id = request.args.get("client_id", "")
-	if client_id is None:
+	if client_id == "":
 		return "Missing client_id", 400
-	redirect_uri = request.args.get("redirect_uri")
+	redirect_uri = request.args.get("redirect_uri", "")
-	if redirect_uri is None:
+	if redirect_uri == "":
 		return "Missing redirect_uri", 400
 	client = OAuthClient.query.get_or_404(client_id)
@ -118,16 +118,16 @@ def oauth_grant():
 	if grant_type != "authorization_code":
 		error(400, "Unsupported grant_type, only authorization_code is supported")
-	client_id = form.get("client_id")
+	client_id = form.get("client_id", "")
-	if client_id is None:
+	if client_id == "":
 		error(400, "Missing client_id")
-	client_secret = form.get("client_secret")
+	client_secret = form.get("client_secret", "")
-	if client_secret is None:
+	if client_secret == "":
 		error(400, "Missing client_secret")
-	code = form.get("code")
+	code = form.get("code", "")
-	if code is None:
+	if code == "":
 		error(400, "Missing code")
 	client = OAuthClient.query.filter_by(id=client_id, secret=client_secret).first()