From ce1a3c4f117b1ed4a2d758e985f83a063fd53d76 Mon Sep 17 00:00:00 2001 From: Hugo <hnouts@grandlyon.com> Date: Mon, 20 Apr 2020 14:39:48 +0200 Subject: [PATCH] error 500 bad state trying to inject /accounts/service-name/redirect in the construction of the redirect uri instead of polluting state with it --- main.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/main.go b/main.go index eb623b7..e6ea6fb 100644 --- a/main.go +++ b/main.go @@ -19,7 +19,8 @@ func main() { mux.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) { query := r.URL.Query() fmt.Println(query) - host := strings.Split(query.Get("state"), "-")[1] + // host := strings.Split(query.Get("state"), "-")[1] + host := query.Get("state") fmt.Println(host) state := query.Get("state") fmt.Println(state) @@ -27,7 +28,7 @@ func main() { fmt.Println(usagePointId) code := query.Get("code") fmt.Println(code) - redir := "https://" + host + "?code=" + code + "&state="+ state +"&usage_point_id=" + usagePointId + redir := "https://" + host + "/accounts/enedisoauth/redirect?code=" + code + "&state="+ state +"&usage_point_id=" + usagePointId fmt.Println(redir) http.Redirect(w, r, redir, 302) }) -- GitLab