From 63b1adecea3a17a4b32b6553c4766574dafa173c Mon Sep 17 00:00:00 2001
From: Michael <heluecht@pirati.ca>
Date: Fri, 25 Oct 2024 19:52:47 +0000
Subject: [PATCH] Issue 14478: Fix OAuth registration with Buffer

---
 src/Security/OAuth.php | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/Security/OAuth.php b/src/Security/OAuth.php
index 2add1ce584..9a50a438d7 100644
--- a/src/Security/OAuth.php
+++ b/src/Security/OAuth.php
@@ -129,8 +129,9 @@ class OAuth
 			return [];
 		}
 
-		// The redirect_uri could contain several URI that are separated by spaces.
-		if (($application['redirect_uri'] != $redirect_uri) && !in_array($redirect_uri, explode(' ', $application['redirect_uri']))) {
+		// The redirect_uri could contain several URI that are separated by spaces or new lines.
+		$uris = explode(' ', str_replace(["\n", "\r", "\t"], ' ', $application['redirect_uri']));
+		if (!in_array($redirect_uri, $uris)) {
 			Logger::warning('Redirection uri does not match', ['redirect_uri' => $redirect_uri, 'application-redirect_uri' => $application['redirect_uri']]);
 			return [];
 		}