From 1fc3c922a957b55dd064efcc31c0d1651091aa4e Mon Sep 17 00:00:00 2001
From: Joseph Schorr
Date: Wed, 26 Mar 2014 16:45:11 -0400
Subject: [PATCH] Properly handle a redirect URI mismatch
---
 endpoints/web.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/endpoints/web.py b/endpoints/web.py
index 664a0968d..02d0ffd50 100644
--- a/endpoints/web.py
+++ b/endpoints/web.py
@@ -292,8 +292,11 @@ def request_authorization_code():
 if (not current_user.is_authenticated() or
 not provider.validate_has_scopes(client_id, current_user.db_user().username, scope)):
 if not provider.validate_redirect_uri(client_id, redirect_uri):
- abort(404)
- return
+ current_app = provider.get_application_for_client_id(client_id)
+ if not current_app:
+ abort(404)
+
+ return provider._make_redirect_error_response(current_app.redirect_uri, 'redirect_uri_mismatch')

 # Load the scope information.
 scope_info = scopes.get_scope_information(scope)
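Review bot: The mismatch branch redirects to the stored `current_app.redirect_uri` and never to the request's `redirect_uri`, which is what keeps it from becoming an open redirect, so the added `return` deserves a comment saying so, e.g. `# Redirect only to the registered URI; the supplied redirect_uri failed validation and must not be used.` RFC 6749 section 4.1.2.1 says the server should inform the resource owner of a mismatching redirection URI, so rendering an error page here instead of redirecting would be the stricter choice. The endpoint also reaches into the provider through the underscore-prefixed `_make_redirect_error_response`; a public method on the provider would keep this view off its internals. Finally, `validate_redirect_uri` is only called inside the `not current_user.is_authenticated() or not provider.validate_has_scopes(...)` branch, and the other path lies outside the hunk, so it is worth confirming that a request from an already-authorized user has its redirect URI validated there as well.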