versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-06 08:28:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(api): 🐛 Fix incorrect OAuth2 linking logic

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-05-16 20:58:27 -10:00
parent 2db4f25ba6
commit d4e1c0d95d
No known key found for this signature in database
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/database-interface/oauth.ts
View file

@ -150,7 +150,7 @@ export class OAuthManager {
const { flow, userInfo } = oidcFlowData;
// Check if userId is equal to application.clientId
if ((flow.application?.clientId ?? "") !== userId) {
if (!flow.application?.clientId.startsWith(userId)) {
return response(null, 302, {
Location: `${config.http.base_url}${
config.frontend.routes.home

3
server/api/oauth/sso/index.ts
View file

@ -30,6 +30,9 @@ export const schemas = {
query: z.object({
issuer: z.string(),
client_id: z.string().optional(),
redirect_uri: z.string().url().optional(),
scope: z.string().optional(),
response_type: z.enum(["code"]).optional(),
}),
};