versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-06 16:38:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(api): 🛂 Fix incorrect redirect URI passed to external OIDC providers, normalize issuer URL

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-06-10 15:58:51 -10:00
parent dae37d47a3
commit b3bace4d53
No known key found for this signature in database
3 changed files with 12 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
packages/config-manager/config.type.ts
View file

@ -99,7 +99,11 @@ export const configValidator = z.object({
z.object({ z.object({
name: z.string().min(1), name: z.string().min(1),
id: z.string().min(1), id: z.string().min(1),
url: z.string().min(1), url: z
.string()
.min(1)
// Remove trailing slashes
.transform((arg) => arg.replace(/\/$/, "")),
client_id: z.string().min(1), client_id: z.string().min(1),
client_secret: z.string().min(1), client_secret: z.string().min(1),
icon: z.string().min(1).optional(), icon: z.string().min(1).optional(),

4
packages/database-interface/oauth.ts
View file

@ -1,4 +1,3 @@
import { oauthRedirectUri } from "@/constants";
import { response } from "@/response"; import { response } from "@/response";
import type { InferInsertModel } from "drizzle-orm"; import type { InferInsertModel } from "drizzle-orm";
import { import {
@ -201,6 +200,7 @@ export class OAuthManager {
async automaticOidcFlow( async automaticOidcFlow(
flowId: string, flowId: string,
currentUrl: URL, currentUrl: URL,
redirectUrl: URL,
errorFn: ( errorFn: (
error: string, error: string,
message: string, message: string,
@ -234,7 +234,7 @@ export class OAuthManager {
const oidcResponse = await this.getOIDCResponse( const oidcResponse = await this.getOIDCResponse(
authServer, authServer,
this.issuer, this.issuer,
`${oauthRedirectUri(this.issuer.id)}?flow=${flow.id}`, redirectUrl.toString(),
flow.codeVerifier, flow.codeVerifier,
parameters, parameters,
); );

6
server/api/oauth/sso/:issuer/callback/index.ts
View file

@ -80,11 +80,15 @@ export default (app: Hono) =>
const userInfo = await manager.automaticOidcFlow( const userInfo = await manager.automaticOidcFlow(
flowId, flowId,
currentUrl, currentUrl,
currentUrl,
(error, message, app) => (error, message, app) =>
returnError( returnError(
{ {
redirect_uri: flow.application?.redirectUri,
client_id: flow.application?.clientId,
response_type: "code",
scope: flow.application?.scopes,
...manager.processOAuth2Error(app), ...manager.processOAuth2Error(app),
link: link ? "true" : undefined,
}, },
error, error,
message, message,