From 840892ab887680935df516f6942eb3563b7bf96b Mon Sep 17 00:00:00 2001
From: JoramWilander <jwawilander@gmail.com>
Date: Wed, 7 Feb 2018 16:21:22 -0500
Subject: Increase OAuth2 state parameter limit

---
 model/authorize.go      | 2 +-
 model/authorize_test.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

(limited to 'model')

diff --git a/model/authorize.go b/model/authorize.go
index 2296e7e22..9fd5afa70 100644
--- a/model/authorize.go
+++ b/model/authorize.go
@@ -62,7 +62,7 @@ func (ad *AuthData) IsValid() *AppError {
 		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.redirect_uri.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
 	}
 
-	if len(ad.State) > 128 {
+	if len(ad.State) > 1024 {
 		return NewAppError("AuthData.IsValid", "model.authorize.is_valid.state.app_error", nil, "client_id="+ad.ClientId, http.StatusBadRequest)
 	}
 
diff --git a/model/authorize_test.go b/model/authorize_test.go
index 3f43a4fc3..81e059305 100644
--- a/model/authorize_test.go
+++ b/model/authorize_test.go
@@ -115,7 +115,7 @@ func TestAuthIsValid(t *testing.T) {
 		t.Fatal(err)
 	}
 
-	ad.Scope = NewRandomString(129)
+	ad.Scope = NewRandomString(1025)
 	if err := ad.IsValid(); err == nil {
 		t.Fatal("Should have failed invalid Scope")
 	}
-- 
cgit v1.2.3-1-g7c22