From f293288589f24e1928b57dcd3428b762ae9ced79 Mon Sep 17 00:00:00 2001
From: Shinya Maeda <shinya@gitlab.com>
Date: Fri, 6 Oct 2017 21:28:40 +0900
Subject: Security fix: redirection in google_api/authorizations_controller

---
 lib/google_api/cloud_platform/client.rb | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'lib/google_api')

diff --git a/lib/google_api/cloud_platform/client.rb b/lib/google_api/cloud_platform/client.rb
index 5ec1fa37546..6d0c148b261 100644
--- a/lib/google_api/cloud_platform/client.rb
+++ b/lib/google_api/cloud_platform/client.rb
@@ -15,6 +15,11 @@ module GoogleApi
         def session_key_for_expires_at
           :cloud_platform_expires_at
         end
+
+        def session_key_for_second_redirect_uri(secure: nil)
+          secure = SecureRandom.hex unless secure
+          return "cloud_platform_second_redirect_uri_#{secure}", secure
+        end
       end
 
       def scope
-- 
cgit v1.2.1