fix(openid): use the calculated redirect url when authenticating with openid providers

Resolves https://github.com/go-vikunja/desktop/issues/12
2024-01-28 12:42:39 +01:00 · 2024-01-28 12:42:39 +01:00 · ee980e2a00
parent 394dbe0055
commit ee980e2a00
2 changed files with 19 additions and 5 deletions
--- a/src/helpers/redirectToProvider.ts
+++ b/src/helpers/redirectToProvider.ts
@ -2,17 +2,22 @@ import {createRandomID} from '@/helpers/randomId'
 import type {IProvider} from '@/types/IProvider'
 import {parseURL} from 'ufo'

-export const redirectToProvider = (provider: IProvider) => {
-
+export function getRedirectUrlFromCurrentFrontendPath(provider: IProvider): string {
 	// We're not using the redirect url provided by the server to allow redirects when using the electron app.
 	// The implications are not quite clear yet hence the logic to pass in another redirect url still exists.
 	const url = parseURL(window.location.href)
-	const redirectUrl = `${url.protocol}//${url.host}/auth/openid/`
+	return `${url.protocol}//${url.host}/auth/openid/${provider.key}`
+}

+export const redirectToProvider = (provider: IProvider) => {
+
+	console.log({provider})
+
+	const redirectUrl = getRedirectUrlFromCurrentFrontendPath(provider)
 	const state = createRandomID(24)
 	localStorage.setItem('state', state)

-	window.location.href = `${provider.authUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUrl}${provider.key}&response_type=code&scope=openid email profile&state=${state}`
+	window.location.href = `${provider.authUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUrl}&response_type=code&scope=openid email profile&state=${state}`
 }
 export const redirectToProviderOnLogout = (provider: IProvider) => {
 	if (provider.logoutUrl.length > 0) {
--- a/src/stores/auth.ts
+++ b/src/stores/auth.ts
@ -9,7 +9,11 @@ import UserSettingsService from '@/services/userSettings'
 import {getToken, refreshToken, removeToken, saveToken} from '@/helpers/auth'
 import {setModuleLoading} from '@/stores/helper'
 import {success} from '@/message'
-import {redirectToProvider, redirectToProviderOnLogout} from '@/helpers/redirectToProvider'
+import {
+	getRedirectUrlFromCurrentFrontendPath,
+	redirectToProvider,
+	redirectToProviderOnLogout,
+} from '@/helpers/redirectToProvider'
 import {AUTH_TYPES, type IUser} from '@/modelTypes/IUser'
 import type {IUserSettings} from '@/modelTypes/IUserSettings'
 import router from '@/router'
@ -17,6 +21,7 @@ import {useConfigStore} from '@/stores/config'
 import UserSettingsModel from '@/models/userSettings'
 import {MILLISECONDS_A_SECOND} from '@/constants/date'
 import {PrefixMode} from '@/modules/parseTaskText'
+import type {IProvider} from '@/types/IProvider'

 function redirectToProviderIfNothingElseIsEnabled() {
 	const {auth} = useConfigStore()
@ -180,8 +185,12 @@ export const useAuthStore = defineStore('auth', () => {
 		const HTTP = HTTPFactory()
 		setIsLoading(true)

+		const {auth} = useConfigStore()
+		const fullProvider: IProvider = auth.openidConnect.providers.find((p: IProvider) => p.key === provider)
+
 		const data = {
 			code: code,
+			redirect_url: getRedirectUrlFromCurrentFrontendPath(fullProvider),
 		}

 		// Delete an eventually preexisting old token