Preserve state in oauth

diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 4672ce00ef9da24c3a4bafccaf926b7a06247842..d76a13d31907e28b4c52f17a389840f7fe1c9b0f 100644 (file)
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -10,7 +10,8 @@ defmodule Pleroma.Web.OAuth.OAuthController do
       response_type: params["response_type"],
       client_id: params["client_id"],
       scope: params["scope"],
-      redirect_uri: params["redirect_uri"]
+      redirect_uri: params["redirect_uri"],
+      state: params["state"]
     }
   end
 
@@ -25,6 +26,11 @@ defmodule Pleroma.Web.OAuth.OAuthController do
         }
       else
         url = "#{redirect_uri}?code=#{auth.token}"
+        url = if params["state"] do
+          url <> "&state=#{params["state"]}"
+        else
+          url
+        end
         redirect(conn, external: url)
       end
     end

diff --git a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
index ce295ed059a965f18766eb80efc3ac9dcb973c0c..3c6903a16c775522873f17f6cae0ba93cf7f6c93 100644 (file)
--- a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
@@ -10,5 +10,6 @@
 <%= hidden_input f, :response_type, value: @response_type %>
 <%= hidden_input f, :redirect_uri, value: @redirect_uri %>
 <%= hidden_input f, :scope, value: @scope %>
+<%= hidden_input f, :state, value: @state%>
 <%= submit "Authorize" %>
 <% end %>