improve invalid code_challenge error

ccims · Aug 4, 2024 · 393375a · 393375a
1 parent 7fcccca
commit 393375a
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/backend/src/api-oauth/oauth-token-authorization-code.middleware.ts b/backend/src/api-oauth/oauth-token-authorization-code.middleware.ts
@@ -193,6 +193,10 @@ export class OAuthTokenAuthorizationCodeMiddleware extends StateMiddleware<{ cli
                 this.logger.warn("Code verifier missing");
                 throw new OAuthHttpException("invalid_request", "Code verifier missing");
             }
+            if (typeof codeVerifier !== "string") {
+                this.logger.warn("Code verifier is not a string");
+                throw new OAuthHttpException("invalid_request", "Code verifier has invalid format");
+            }
             const decryptedCodeChallenge = this.encryptionService.decrypt(tokenData.codeChallenge);
             const codeChallenge = this.tokenService.calculateCodeChallenge(codeVerifier);
             if (decryptedCodeChallenge !== codeChallenge) {