From 5a7b3d0f25c58874faad67f10eccdebe282db0b2 Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski
Date: Mon, 10 Jun 2024 16:08:57 -1000
Subject: [PATCH] fix: :passport_control: Remove iss parameter from OIDC redirect URL
---
 server/api/oauth/sso/:issuer/callback/index.ts | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/server/api/oauth/sso/:issuer/callback/index.ts b/server/api/oauth/sso/:issuer/callback/index.ts
index 797bb234..e8f645f4 100644
--- a/server/api/oauth/sso/:issuer/callback/index.ts
+++ b/server/api/oauth/sso/:issuer/callback/index.ts
@@ -72,6 +72,8 @@ export default (app: Hono) =>
 // Remove state query parameter from URL
 currentUrl.searchParams.delete("state");
+ // Remove issuer query parameter from URL (can cause redirect URI mismatches)
+ currentUrl.searchParams.delete("iss");
 const { issuer: issuerParam } = context.req.valid("param");
 const { flow: flowId, user_id, link } = context.req.valid("query");
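Review bot: The added `currentUrl.searchParams.delete("iss")` discards the authorization response's `iss` value without comparing it to the issuer this callback route is configured for. RFC 9207 defines that parameter as the countermeasure against authorization-server mix-up, so dropping it unchecked gives the protection up. Stripping it from the URL used as the redirect URI is reasonable, but I would first capture it with `const returnedIss = currentUrl.searchParams.get("iss");` and, once the provider for `issuerParam` has been resolved, reject the callback when `returnedIss` is non-null and differs from that provider's issuer identifier. The handler continues outside the hunk, so if the response parameters are already validated from the original request URL further down, a comment saying so next to the delete would be enough.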