Fix error handling when OAuth2 session is not found (#2481)

2620-ppolicy-binding
Maxime Besson 4 years ago
parent 0f626ad94c
commit 41c388b26b
  1. 20
      lemonldap-ng-handler/lib/Lemonldap/NG/Handler/Lib/OAuth2.pm

@ -11,16 +11,16 @@ sub retrieveSession {
# Retrieve regular session if this is not an offline access token
unless ($offlineId) {
my $data = {
%{
$class->Lemonldap::NG::Handler::Main::retrieveSession( $req,
$id )
},
$class->_getTokenAttributes($req)
};
# Update cache
$class->data($data);
my $data =
$class->Lemonldap::NG::Handler::Main::retrieveSession( $req, $id );
if ( ref($data) eq "HASH" ) {
$data = { %{$data}, $class->_getTokenAttributes($req) };
# Update cache
$class->data($data);
} else {
$req->data->{oauth2_error} = 'invalid_token';
}
return $data;
}

Loading…
Cancel
Save