File tree Expand file tree Collapse file tree 1 file changed +2
-1
lines changed Expand file tree Collapse file tree 1 file changed +2
-1
lines changed Original file line number Diff line number Diff line change @@ -24,6 +24,7 @@ class OAuth2
2424 option :authorize_options , [ :scope ]
2525 option :token_params , { }
2626 option :token_options , [ ]
27+ option :provider_ignores_state , false
2728
2829 attr_accessor :access_token
2930
@@ -68,7 +69,7 @@ def callback_phase
6869 if request . params [ 'error' ] || request . params [ 'error_reason' ]
6970 raise CallbackError . new ( request . params [ 'error' ] , request . params [ 'error_description' ] || request . params [ 'error_reason' ] , request . params [ 'error_uri' ] )
7071 end
71- if request . params [ 'state' ] . to_s . empty? || request . params [ 'state' ] != session . delete ( 'omniauth.state' )
72+ if ! options . provider_ignores_state && ( request . params [ 'state' ] . to_s . empty? || request . params [ 'state' ] != session . delete ( 'omniauth.state' ) )
7273 raise CallbackError . new ( nil , :csrf_detected )
7374 end
7475
You can’t perform that action at this time.
0 commit comments