Update AttachRedirectUri to use ValidateAuthorizationRequestContext.IsRejected

7 years ago · 4284800ecb
2 changed files with 2 additions and 2 deletions
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Authentication.cs
@ -1629,7 +1629,7 @@ namespace OpenIddict.Server

                    // Note: at this stage, the validated redirect URI property may be null (e.g if an error
                    // is returned from the ExtractAuthorizationRequest/ValidateAuthorizationRequest events).
-                    if (!string.IsNullOrEmpty(notification?.RedirectUri))
+                    if (notification != null && !notification.IsRejected)
                    {
                        context.RedirectUri = notification.RedirectUri;
                    }
--- a/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs
+++ b/src/OpenIddict.Server/OpenIddictServerHandlers.Session.cs
@ -528,7 +528,7 @@ namespace OpenIddict.Server

                    // Note: at this stage, the validated redirect URI property may be null (e.g if
                    // an error is returned from the ExtractLogoutRequest/ValidateLogoutRequest events).
-                    if (!string.IsNullOrEmpty(notification?.PostLogoutRedirectUri))
+                    if (notification != null && !notification.IsRejected)
                    {
                        context.PostLogoutRedirectUri = notification.PostLogoutRedirectUri;
                    }