From 0cce90bdfc901a2d1ea254942797cfc36282020b Mon Sep 17 00:00:00 2001
From: Yousef <yousefdardiry@gmail.com>
Date: Mon, 29 Jul 2019 11:30:28 +0200
Subject: [PATCH] Update authorize-handler.js

fixes https://github.com/oauthjs/node-oauth2-server/issues/456
---
 lib/handlers/authorize-handler.js | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/lib/handlers/authorize-handler.js b/lib/handlers/authorize-handler.js
index 984136a8d..0bdea2b90 100644
--- a/lib/handlers/authorize-handler.js
+++ b/lib/handlers/authorize-handler.js
@@ -78,10 +78,6 @@ AuthorizeHandler.prototype.handle = function(request, response) {
     throw new InvalidArgumentError('Invalid argument: `response` must be an instance of Response');
   }
 
-  if ('false' === request.query.allowed) {
-    return Promise.reject(new AccessDeniedError('Access denied: user denied access to application'));
-  }
-
   var fns = [
     this.getAuthorizationCodeLifetime(),
     this.getClient(request),
@@ -97,6 +93,16 @@ AuthorizeHandler.prototype.handle = function(request, response) {
       var ResponseType;
 
       return Promise.bind(this)
+	.then(function() {
+          state = this.getState(request);
+        })
+        .then(function() {
+	  if ("false" === request.query.allowed) {
+	    throw new AccessDeniedError(
+	      "Access denied: user denied access to application"
+	    );
+	  }
+	})
 	.then(function() {
           scope = this.getScope(request);