packages/web/src/ee/features/oauth Expand file tree Collapse file tree 1 file changed +2
-2
lines changed Original file line number Diff line number Diff line change @@ -99,7 +99,7 @@ export async function verifyAndExchangeCode({
9999 }
100100
101101 // RFC 8707: if a resource was bound to the auth code, the token request must present the same value.
102- if ( authCode . resource !== null && authCode . resource !== resource ) {
102+ if ( resource !== null && authCode . resource !== null && authCode . resource !== resource ) {
103103 return { error : 'invalid_target' , errorDescription : 'resource parameter does not match the value bound to the authorization code.' } ;
104104 }
105105
@@ -174,7 +174,7 @@ export async function verifyAndRotateRefreshToken({
174174 return { error : 'invalid_grant' , errorDescription : 'Refresh token has expired.' } ;
175175 }
176176
177- if ( existing . resource !== null && existing . resource !== resource ) {
177+ if ( resource !== null && existing . resource !== null && existing . resource !== resource ) {
178178 return { error : 'invalid_target' , errorDescription : 'resource parameter does not match the refresh token.' } ;
179179 }
180180
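Review bot: With the added `resource !== null` guard in verifyAndExchangeCode, a token request that omits `resource` now skips the binding check even when `authCode.resource` is set, so the comment above it ("the token request must present the same value") no longer describes the code; the same applies to the `existing.resource` check in verifyAndRotateRefreshToken. RFC 8707 allows the token request to omit the parameter, but the issued token should then still be limited to the resource bound at authorization. The code that sets the token's audience is outside these hunks, so please confirm it falls back to `authCode.resource` / `existing.resource` rather than to the null request value, otherwise omitting the parameter would drop the audience restriction. I would reword the comment to `// RFC 8707: a resource in the token request must match the one bound to the auth code; if omitted, the bound resource still applies.` If callers can pass `undefined` for an omitted parameter, `resource !== null` will not skip the check, and `resource != null` would cover both cases.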