just return if the acceptedStates don't match fixes #126084

Tyler Leonhardt 2021-06-28 17:12:06 -07:00
parent 7b23d73902
commit 6b6be7efe1
No known key found for this signature in database
GPG key ID: 1BC2B6244363E77E


@ -120,17 +120,22 @@ export class GitHubServer {
private exchangeCodeForToken: (scopes: string) => PromiseAdapter<vscode.Uri, string> =
(scopes) => async (uri, resolve, reject) => {
Logger.info('Exchanging code for token...');
const query = parseQuery(uri);
const code = query.code;
const acceptedStates = this._pendingStates.get(scopes) || [];
if (!acceptedStates.includes(query.state)) {
reject('Received mismatched state');
// A common scenario of this happening is if you:
// 1. Trigger a sign in with one set of scopes
// 2. Before finishing 1, you trigger a sign in with a different set of scopes
// In this scenario we should just return and wait for the next UriHandler event
// to run as we are probably still waiting on the user to hit 'Continue'
Logger.info('State not found in accepted state. Skipping this execution...');
return;
}
const url = `https://${AUTH_RELAY_SERVER}/token?code=${code}&state=${query.state}`;
Logger.info('Exchanging code for token...');
// TODO@joao: remove
if (query.nocors) {