File tree 1 file changed +7
-5
lines changed
1 file changed +7
-5
lines changed Original file line number Diff line number Diff line change @@ -32,14 +32,16 @@ def login():
3232
3333@app .route (app_config .REDIRECT_PATH ) # Its absolute URL must match your app's redirect_uri set in AAD
3434def authorized ():
35- if ("flow" in session and ("code" in request .args or "error" in request .args )
36- and request .args .get ('state' ) == session ["flow" ].get ("state" )):
35+ try :
3736 cache = _load_cache ()
38- result = _build_msal_app (cache = cache ).acquire_token_by_auth_code_flow (session ["flow" ], request .args )
39- if "error" in result : # Authentication/Authorization failure
40- return render_template ("auth_error.html" , result = result )
37+ result = _build_msal_app (cache = cache ).acquire_token_by_auth_code_flow (
38+ session .get ("flow" , {}), request .args )
39+ if "error" in result :
40+ return render_template ("error.html" , result )
4141 session ["user" ] = result .get ("id_token_claims" )
4242 _save_cache (cache )
43+ except ValueError : # Usually caused by CSRF
44+ pass # Simply ignore them
4345 return redirect (url_for ("index" ))
4446
4547@app .route ("/logout" )
You can’t perform that action at this time.
0 commit comments