From 8a34d6f457704f44e69acac21eeb151fc3ad5c89 Mon Sep 17 00:00:00 2001
From: Shan Jayathilaka <shanchathusanda@gmail.com>
Date: Thu, 20 Feb 2020 15:28:11 +0530
Subject: [PATCH] Fix error response is not according to the spec in user
 denied consent scenario for hybrid flow

---
 .../wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java b/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java
index 3dcd4ad23a3..3f8cc8f0b0a 100644
--- a/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java
+++ b/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/util/EndpointUtil.java
@@ -447,7 +447,8 @@ public static String getErrorRedirectURL(OAuthProblemException ex, OAuth2Paramet
         try {
             if (params != null) {
                 if (isNotBlank(params.getRedirectURI())) {
-                    if (OAuth2Util.isImplicitResponseType(params.getResponseType())) {
+                    if (OAuth2Util.isImplicitResponseType(params.getResponseType()) ||
+                            OAuth2Util.isHybridResponseType(params.getResponseType())) {
                         if (OAuthServerConfiguration.getInstance().isImplicitErrorFragment()) {
                             redirectURL = OAuthASResponse.errorResponse(HttpServletResponse.SC_FOUND)
                                     .error(ex).location(params.getRedirectURI())