summaryrefslogtreecommitdiffstats
path: root/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs
diff options
context:
space:
mode:
Diffstat (limited to 'samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs')
-rw-r--r--samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs2
1 files changed, 1 insertions, 1 deletions
diff --git a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs
index d2583a2..e2e4325 100644
--- a/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs
+++ b/samples/OAuthAuthorizationServer/Code/OAuth2AuthorizationServer.cs
@@ -53,7 +53,7 @@
// NEVER issue an auto-approval to a client that would end up getting an access token immediately
// (without a client secret), as that would allow ANY client to spoof an approved client's identity
// and obtain unauthorized access to user data.
- if (EndUserAuthorizationRequest.ResponseType == EndUserAuthorizationResponseTypes.AuthorizationCode) {
+ if (authorizationRequest.ResponseType == EndUserAuthorizationResponseType.AuthorizationCode) {
// Never issue auto-approval if the client secret is blank, since that too makes it easy to spoof
// a client's identity and obtain unauthorized access.
var requestingClient = MvcApplication.DataContext.Clients.First(c => c.ClientIdentifier == authorizationRequest.ClientIdentifier);
generated by cgit v1.1 at 2025-05-20 17:45:01 +0000