From d92fbf64c1d695d7ae6a26c99f1e90652bc2f44d Mon Sep 17 00:00:00 2001
From: Alex Wyett <alex@carltonsoftware.co.uk>
Date: Mon, 9 Mar 2020 10:38:42 +0000
Subject: [PATCH] Update OAuth2.php

Fix valid uri check if storedUris contains multiple values.
---
 lib/OAuth2.php | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/lib/OAuth2.php b/lib/OAuth2.php
index 92b8c79..ffd4088 100644
--- a/lib/OAuth2.php
+++ b/lib/OAuth2.php
@@ -1433,8 +1433,11 @@ protected function validateRedirectUri($inputUri, $storedUris)
 
         foreach ($storedUris as $storedUri) {
             if (strcasecmp(substr($inputUri, 0, strlen($storedUri)), $storedUri) === 0) {
-                return parse_url($inputUri, PHP_URL_HOST) === parse_url($storedUri, PHP_URL_HOST) &&
-                    parse_url($inputUri, PHP_URL_PORT) === parse_url($storedUri, PHP_URL_PORT);
+                if (parse_url($inputUri, PHP_URL_HOST) === parse_url($storedUri, PHP_URL_HOST) 
+                    && parse_url($inputUri, PHP_URL_PORT) === parse_url($storedUri, PHP_URL_PORT)
+                ) {
+                    return true;   
+                }
             }
         }