From ae4f6202f88e330a4b4308d23194de3db6a8aa87 Mon Sep 17 00:00:00 2001
From: Warren Parad <gpg@warrenparad.net>
Date: Tue, 3 Sep 2024 12:47:31 +0200
Subject: [PATCH] Fix iss checking.

---
 src/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/index.js b/src/index.js
index dee4935..64d3567 100644
--- a/src/index.js
+++ b/src/index.js
@@ -329,7 +329,7 @@ class LoginClient {
     }
 
     // We are in the Authress authentication context. We might not have a code and we might not have other properties depending on the login path, so this check let's us ensure we delete all url parameters that aren't necessary, and since this will happen even outside of an auth exchange, let's also check for containing the matching iss
-    if (authRequest.nonce || urlSearchParams.get('iss').includes(this.hostUrl)) {
+    if (authRequest.nonce || urlSearchParams.get('iss') && urlSearchParams.get('iss').includes(this.hostUrl)) {
       this.sanitizeQueryParameters();
     }