libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

KEYCLOAK-6700 Financial API Read and Write API Security Profile : state

Browse source 
hash value (s_hash) to protect state parameter
This commit is contained in:
Takashi Norimatsu 2018-03-12 11:13:56 +09:00 committed by Marek Posolda
parent e72756d01a
commit 5b1e65c23e
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
services/src/main/java/org/keycloak/protocol/oidc/OIDCLoginProtocol.java
View file

@ -221,7 +221,7 @@ public class OIDCLoginProtocol implements LoginProtocol {
// Financial API - Part 2: Read and Write API Security Profile
// http://openid.net/specs/openid-financial-api-part-2.html#authorization-server
if (state != null)
if (state != null && !state.isEmpty())
responseBuilder.generateStateHash(state);
}