fix issuer check

2017-06-22 13:41:22 +02:00 · 2017-06-22 13:41:22 +02:00 · 9587e13780
parent 68fdf61c9a
commit 9587e13780
1 changed files with 1 additions and 1 deletions
--- a/src/authentic2_auth_fc/models.py
+++ b/src/authentic2_auth_fc/models.py
@ -48,7 +48,7 @@ def parse_id_token(id_token, client_id=None, client_secret=None):
    if 'exp' not in payload or parse_timestamp(payload['exp']) < now():
        return None, 'id_token is expired'
    parsed = urlparse.urlparse(app_settings.authorize_url)
-    if 'iss' not in payload or payload['iss'] != '%s://%s/' % (parsed.scheme, parsed.netloc):
+    if 'iss' not in payload or payload['iss'] != '%s://%s' % (parsed.scheme, parsed.netloc):
        return None, 'wrong issuer received, %r' % payload['iss']
    return payload, None