From 664ce673efbbde142e31b6ef96215ec90308cb19 Mon Sep 17 00:00:00 2001 From: Benjamin Dauvergne Date: Sat, 2 Jul 2022 10:54:50 +0200 Subject: [PATCH] idp_oidc: do not delete code on resolution by token endpoint (#66893) --- src/authentic2_idp_oidc/views.py | 1 - 1 file changed, 1 deletion(-) diff --git a/src/authentic2_idp_oidc/views.py b/src/authentic2_idp_oidc/views.py index 1305b196..4a8fa1a9 100644 --- a/src/authentic2_idp_oidc/views.py +++ b/src/authentic2_idp_oidc/views.py @@ -733,7 +733,6 @@ def tokens_from_authz_code(request): raise InvalidRequest(_('Parameter "code" is invalid'), client=client) if not oidc_code.is_valid(): raise InvalidRequest(_('Parameter "code" has expired or user is disconnected'), client=client) - models.OIDCCode.objects.filter(uuid=code).delete() redirect_uri = request.POST.get('redirect_uri') if oidc_code.redirect_uri != redirect_uri: raise InvalidRequest(_('Parameter "redirect_uri" does not match the code.'), client=client) -- 2.35.1