a much needed check in order to prevent developer confusion :P

2017-08-28 01:35:19 +03:00 · 2017-08-28 01:35:19 +03:00 · f8990ec7a6
commit f8990ec7a6
parent 1ca055a526
1 changed files with 5 additions and 0 deletions
--- a/server/api/oauth2/controller/tokens/authorizationCode.js
+++ b/server/api/oauth2/controller/tokens/authorizationCode.js
@ -7,9 +7,14 @@ module.exports = async (oauth2, client, providedCode, redirectUri) => {

  let code = null

+  if (!providedCode) {
+    throw new error.InvalidRequest('code is mandatory for authorization_code grant type')
+  }
+
  try {
    code = await oauth2.model.code.fetchByCode(providedCode)
  } catch (err) {
+    console.error(err)
    throw new error.ServerError('Failed to call code.fetchByCode function')
  }