lib/rodauth/features/oauth_assertion_base.rb in rodauth-oauth-0.8.0 vs lib/rodauth/features/oauth_assertion_base.rb in rodauth-oauth-0.9.0
- old
+ new
@@ -53,10 +53,10 @@
login_column => subject
)
end
def create_oauth_token(grant_type)
- return super unless assertion_grant_type?(grant_type)
+ return super unless assertion_grant_type?(grant_type) && supported_grant_type?(grant_type)
account = __send__(:"account_from_#{assertion_grant_type}_assertion", param("assertion"))
redirect_response_error("invalid_grant") unless account