From ee980e2a002d6d57bc3d968a149b57c10ebac845 Mon Sep 17 00:00:00 2001
From: kolaente
Date: Sun, 28 Jan 2024 12:42:39 +0100
Subject: [PATCH] fix(openid): use the calculated redirect url when authenticating with openid providers

Resolves https://github.com/go-vikunja/desktop/issues/12
---
src/helpers/redirectToProvider.ts | 13 +++++++++----
src/stores/auth.ts | 11 ++++++++++-
2 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/src/helpers/redirectToProvider.ts b/src/helpers/redirectToProvider.ts
index efd1f622f..236394de8 100644
--- a/src/helpers/redirectToProvider.ts
+++ b/src/helpers/redirectToProvider.ts
@@ -2,17 +2,22 @@ import {createRandomID} from '@/helpers/randomId' import type {IProvider} from '@/types/IProvider' import {parseURL} from 'ufo' -export const redirectToProvider = (provider: IProvider) => { - +export function getRedirectUrlFromCurrentFrontendPath(provider: IProvider): string { // We're not using the redirect url provided by the server to allow redirects when using the electron app. // The implications are not quite clear yet hence the logic to pass in another redirect url still exists. const url = parseURL(window.location.href) - const redirectUrl = `${url.protocol}//${url.host}/auth/openid/` + return `${url.protocol}//${url.host}/auth/openid/${provider.key}` +} +export const redirectToProvider = (provider: IProvider) => { + + console.log({provider}) + + const redirectUrl = getRedirectUrlFromCurrentFrontendPath(provider) const state = createRandomID(24) localStorage.setItem('state', state) - window.location.href = `${provider.authUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUrl}${provider.key}&response_type=code&scope=openid email profile&state=${state}` + window.location.href = `${provider.authUrl}?client_id=${provider.clientId}&redirect_uri=${redirectUrl}&response_type=code&scope=openid email profile&state=${state}` } export const redirectToProviderOnLogout = (provider: IProvider) => { if (provider.logoutUrl.length > 0) { diff --git a/src/stores/auth.ts b/src/stores/auth.ts index b6f2ede70..e7d25a8a4 100644 --- a/src/stores/auth.ts +++ b/src/stores/auth.ts 
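Review bot: The authorization URL on the `window.location.href` line is still assembled by raw interpolation, so `redirect_uri` (which now ends in `provider.key`), `client_id` and the space-separated scope reach the provider unencoded. Since this commit makes the same computed string the value the backend later receives as `redirect_url`, any character the browser rewrites in transit can make the two differ, and a key containing `&` or `#` would split the query. Build the query with `const params = new URLSearchParams({client_id: provider.clientId, redirect_uri: redirectUrl, response_type: 'code', scope: 'openid email profile', state})` and assign `${provider.authUrl}?${params}`, assuming `authUrl` carries no query string of its own. The added `console.log({provider})` looks like a debugging leftover in the login path and should be dropped before merge.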
@@ -9,7 +9,11 @@ import UserSettingsService from '@/services/userSettings' import {getToken, refreshToken, removeToken, saveToken} from '@/helpers/auth' import {setModuleLoading} from '@/stores/helper' import {success} from '@/message' -import {redirectToProvider, redirectToProviderOnLogout} from '@/helpers/redirectToProvider' +import { + getRedirectUrlFromCurrentFrontendPath, + redirectToProvider, + redirectToProviderOnLogout, +} from '@/helpers/redirectToProvider' import {AUTH_TYPES, type IUser} from '@/modelTypes/IUser' import type {IUserSettings} from '@/modelTypes/IUserSettings' import router from '@/router' @@ -17,6 +21,7 @@ import {useConfigStore} from '@/stores/config' import UserSettingsModel from '@/models/userSettings' import {MILLISECONDS_A_SECOND} from '@/constants/date' import {PrefixMode} from '@/modules/parseTaskText' +import type {IProvider} from '@/types/IProvider' function redirectToProviderIfNothingElseIsEnabled() { const {auth} = useConfigStore() @@ -180,8 +185,12 @@ export const useAuthStore = defineStore('auth', () => { const HTTP = HTTPFactory() setIsLoading(true) + const {auth} = useConfigStore() + const fullProvider: IProvider = auth.openidConnect.providers.find((p: IProvider) => p.key === provider) + const data = { code: code, + redirect_url: getRedirectUrlFromCurrentFrontendPath(fullProvider), } // Delete an eventually preexisting old token
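Review bot: `Array.prototype.find` returns `undefined` when no configured provider has the key passed in, and the `IProvider` annotation on `fullProvider` hides that, so `getRedirectUrlFromCurrentFrontendPath(fullProvider)` throws a TypeError on `provider.key` for an unknown or stale key. The throw happens after `setIsLoading(true)`; the rest of the function is outside the hunk, so whether the loading flag is reset on that path cannot be seen here. Type the lookup as `IProvider | undefined` and reject early, e.g. `if (!fullProvider) throw new Error('unknown openid provider')` placed before `setIsLoading(true)`. Because `redirect_url` is now supplied by the client, the backend presumably needs to check it against the redirect URIs it accepts for that provider rather than trusting it; this is worth confirming on the server side.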