versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2026-03-13 05:49:16 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix(api): 🛂 Fix incorrect redirect URI passed to external OIDC providers, normalize issuer URL

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-06-10 15:58:51 -10:00
parent dae37d47a3
commit b3bace4d53
No known key found for this signature in database
3 changed files with 12 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

6
packages/config-manager/config.type.ts
View file

@ -99,7 +99,11 @@ export const configValidator = z.object({
z.object({
name: z.string().min(1),
id: z.string().min(1),
url: z.string().min(1),
url: z
.string()
.min(1)
// Remove trailing slashes
.transform((arg) => arg.replace(/\/$/, "")),
client_id: z.string().min(1),
client_secret: z.string().min(1),
icon: z.string().min(1).optional(),

4
packages/database-interface/oauth.ts
View file

@ -1,4 +1,3 @@
import { oauthRedirectUri } from "@/constants";
import { response } from "@/response";
import type { InferInsertModel } from "drizzle-orm";
import {
@ -201,6 +200,7 @@ export class OAuthManager {
async automaticOidcFlow(
flowId: string,
currentUrl: URL,
redirectUrl: URL,
errorFn: (
error: string,
message: string,
@ -234,7 +234,7 @@ export class OAuthManager {
const oidcResponse = await this.getOIDCResponse(
authServer,
this.issuer,
`${oauthRedirectUri(this.issuer.id)}?flow=${flow.id}`,
redirectUrl.toString(),
flow.codeVerifier,
parameters,
);