From ddbb72ece1995cf6ac7d1188b4c6331dac08fd62 Mon Sep 17 00:00:00 2001
From: arzumify <jliwin98@hectabit.org>
Date: Sun, 31 Mar 2024 13:24:09 +0100
Subject: [PATCH] Finally done

---
 main | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/main b/main
index ee384a3..7987c98 100644
--- a/main
+++ b/main
@@ -328,22 +328,22 @@ async def apitokenexchange():
 
         if verifycode:
             if str(login_data["pkce"]) == "none":
-                return 400
+                return {}, 400
             else:
                 if str(login_data["pkcemethod"]) == "S256":
-                    if str(sha256_base64(code_verify)) != str(login_data["code"]):
-                        return 403
+                    if str(sha256_base64(code_verify)) != str(login_data["pkce"]):
+                        return {}, 403
                 elif str(login_data["pkcemethod"]) == "plain":
-                    if str(code_verify) != str(login_data["code"]):
-                        return 403
+                    if str(code_verify) != str(login_data["pkce"]):
+                        return {}, 403
                 else:
-                    return 501
+                    return {}, 501
         else:
             if not oauth_data["secret"] == secret:
                 return {}, 401
 
         newkey = str(secrets.token_hex(512))
-        conn.execute("UPDATE logins SET secret = ?, nextsecret = ? WHERE appId = ? AND secret = ?", (str(newkey), str(secrets.token_hex(512)), str(appId), str(secret)))
+        conn.execute("UPDATE logins SET secret = ?, nextsecret = ? WHERE appId = ? AND secret = ?", (str(newkey), str(secrets.token_hex(512)), str(appId), str(code)))
 
         conn.close()