Fix oauth2 authorization code client_id check

Global_ids where not able to be used in the authorization code workflow. Now global ids can be used. closes PLAT-4146 Change-Id: Iad60f2cd197616f0773648ec8c747e2541d1e055 Reviewed-on: https://gerrit.instructure.com/182344 Tested-by: Jenkins Reviewed-by: Weston Dransfield <wdransfield@instructure.com> QA-Review: Weston Dransfield <wdransfield@instructure.com> Product-Review: Marc Phillips <mphillips@instructure.com>
2019-02-21 12:31:05 -07:00 · 2019-02-21 12:31:05 -07:00 · 52fe806eaa
parent 11b4402ee0
commit 52fe806eaa
2 changed files with 7 additions and 1 deletions
--- a/lib/canvas/oauth/grant_types/authorization_code.rb
+++ b/lib/canvas/oauth/grant_types/authorization_code.rb
@ -11,7 +11,7 @@ module Canvas::Oauth
        raise Canvas::Oauth::RequestError, :authorization_code_not_supplied unless @opts[:code]
        @_token = @provider.token_for(@opts[:code])
        raise Canvas::Oauth::RequestError, :invalid_authorization_code  unless @_token.is_for_valid_code?
-        raise Canvas::Oauth::RequestError, :incorrect_client unless @_token.key.id == @_token.client_id
+        raise Canvas::Oauth::RequestError, :incorrect_client unless [@_token.key.global_id, @_token.key.id].include? @_token.client_id
      end

      def generate_token
--- a/spec/controllers/oauth2_provider_controller_spec.rb
+++ b/spec/controllers/oauth2_provider_controller_spec.rb
@ -374,6 +374,12 @@ describe Oauth2ProviderController do
          expect(json.keys.sort).to match_array(success_token_keys)
          expect(json['token_type']).to eq 'Bearer'
        end
+
+        context 'with global_id as client_id' do
+          let(:client_id) { key.global_id }
+
+          it { is_expected.to have_http_status(200) }
+        end
      end

      context 'invalid grant_type provided' do