From abb54f007305eabd77996623dd20cbe45345e82a Mon Sep 17 00:00:00 2001
From: Chad Scharf <3904944+cscharf@users.noreply.github.com>
Date: Mon, 23 Nov 2020 16:45:09 -0500
Subject: [PATCH] Add normalized state compare for CLI (#211)

---
 src/cli/commands/login.command.ts | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/cli/commands/login.command.ts b/src/cli/commands/login.command.ts
index 396e37d2f2..0f58cb361b 100644
--- a/src/cli/commands/login.command.ts
+++ b/src/cli/commands/login.command.ts
@@ -262,7 +262,7 @@ export class LoginCommand {
                 const code = url.searchParams.get('code');
                 const receivedState = url.searchParams.get('state');
                 res.setHeader('Content-Type', 'text/html');
-                if (code != null && receivedState != null && receivedState === state) {
+                if (code != null && receivedState != null && this.checkState(receivedState, state)) {
                     res.writeHead(200);
                     res.end('<html><head><title>Success | Bitwarden CLI</title></head><body>' +
                         '<h1>Successfully authenticated with the Bitwarden CLI</h1>' +
@@ -300,4 +300,17 @@ export class LoginCommand {
             }
         });
     }
+
+    private checkState(state: string, checkState: string): boolean {
+        if (state === null || state === undefined) {
+            return false;
+        }
+        if (checkState === null || checkState === undefined) {
+            return false;
+        }
+
+        const stateSplit = state.split('_identifier=');
+        const checkStateSplit = checkState.split('_identifier=');
+        return stateSplit[0] === checkStateSplit[0];
+    }
 }