From 57db98e98dad11b4785adaa0eeb056f2b0916c2a Mon Sep 17 00:00:00 2001
From: Timo Stark <timo.stark@myses.de>
Date: Thu, 3 Feb 2022 05:43:43 +0100
Subject: [PATCH] Fix: unhandled exception if `code` is not present

In case of an error the `auth_code` will not be sent back from the IdP
with the `_codexch` requeset. Checking the length will result in an
unhandled exception. Checking undefined before the length.
---
 openid_connect.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/openid_connect.js b/openid_connect.js
index 5978836..54c395d 100644
--- a/openid_connect.js
+++ b/openid_connect.js
@@ -103,7 +103,7 @@ function auth(r) {
 
 function codeExchange(r) {
     // First check that we received an authorization code from the IdP
-    if (r.variables.arg_code.length == 0) {
+    if (r.variables.arg_code == undefined || r.variables.arg_code.length == 0) {
         if (r.variables.arg_error) {
             r.error("OIDC error receiving authorization code from IdP: " + r.variables.arg_error_description);
         } else {