From 8106b6985620956ce8cfa4126143a95ca87ea976 Mon Sep 17 00:00:00 2001
From: tobi <31960611+tsmethurst@users.noreply.github.com>
Date: Thu, 28 Jul 2022 16:43:27 +0200
Subject: [feature] add 'state' oauth2 param to /oauth/authorize (#730)

---
 internal/api/client/auth/signin.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'internal/api/client/auth/signin.go')

diff --git a/internal/api/client/auth/signin.go b/internal/api/client/auth/signin.go
index b8f267f54..f9541d4c5 100644
--- a/internal/api/client/auth/signin.go
+++ b/internal/api/client/auth/signin.go
@@ -58,16 +58,16 @@ func (m *Module) SignInGETHandler(c *gin.Context) {
 	// idp provider is in use, so redirect to it
 	s := sessions.Default(c)
 
-	stateI := s.Get(sessionState)
-	state, ok := stateI.(string)
+	internalStateI := s.Get(sessionInternalState)
+	internalState, ok := internalStateI.(string)
 	if !ok {
 		m.clearSession(s)
-		err := fmt.Errorf("key %s was not found in session", sessionState)
+		err := fmt.Errorf("key %s was not found in session", sessionInternalState)
 		api.ErrorHandler(c, gtserror.NewErrorBadRequest(err, err.Error()), m.processor.InstanceGet)
 		return
 	}
 
-	c.Redirect(http.StatusSeeOther, m.idp.AuthCodeURL(state))
+	c.Redirect(http.StatusSeeOther, m.idp.AuthCodeURL(internalState))
 }
 
 // SignInPOSTHandler should be served at https://example.org/auth/sign_in.
-- 
cgit v1.2.3