0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2024-12-16 20:26:19 -05:00

fix(core): fix protected app callback uri (#5308)

This commit is contained in:
wangsijie 2024-01-25 18:14:34 +08:00 committed by GitHub
parent 880e890321
commit 8fb032da7a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 21 additions and 9 deletions

View file

@ -13,6 +13,7 @@ import type {
} from '@logto/schemas';
import { RoleType, ApplicationType, LogtoOidcConfigKey, DomainStatus } from '@logto/schemas';
import { protectedAppSignInCallbackUrl } from '#src/constants/index.js';
import { mockId } from '#src/test-utils/nanoid.js';
export * from './connector.js';
@ -54,7 +55,7 @@ export const mockProtectedApplication: Omit<Application, 'protectedAppMetadata'>
type: ApplicationType.Protected,
description: null,
oidcClientMetadata: {
redirectUris: ['https://mock.protected.dev/callback'],
redirectUris: [`https://mock.protected.dev/${protectedAppSignInCallbackUrl}`],
postLogoutRedirectUris: ['https://mock.protected.dev'],
},
customClientMetadata: {

View file

@ -0,0 +1 @@
export const protectedAppSignInCallbackUrl = 'sign-in-callback';

View file

@ -7,6 +7,7 @@ import {
mockCustomDomain,
mockProtectedApplication,
} from '#src/__mocks__/index.js';
import { protectedAppSignInCallbackUrl } from '#src/constants/index.js';
import RequestError from '#src/errors/RequestError/index.js';
import {
defaultProtectedAppPageRules,
@ -172,7 +173,7 @@ describe('checkAndBuildProtectedAppData()', () => {
pageRules: defaultProtectedAppPageRules,
},
oidcClientMetadata: {
redirectUris: [`https://${host}/callback`],
redirectUris: [`https://${host}/${protectedAppSignInCallbackUrl}`],
postLogoutRedirectUris: [`https://${host}`],
},
});

View file

@ -6,6 +6,7 @@ import {
} from '@logto/schemas';
import { isValidSubdomain } from '@logto/shared';
import { protectedAppSignInCallbackUrl } from '#src/constants/index.js';
import { EnvSet, getTenantEndpoint } from '#src/env-set/index.js';
import RequestError from '#src/errors/RequestError/index.js';
import {
@ -197,7 +198,7 @@ export const createProtectedAppLibrary = (queries: Queries) => {
pageRules: defaultProtectedAppPageRules,
},
oidcClientMetadata: {
redirectUris: [`https://${host}/callback`],
redirectUris: [`https://${host}/${protectedAppSignInCallbackUrl}`],
postLogoutRedirectUris: [`https://${host}`],
},
};

View file

@ -9,6 +9,7 @@ import { MockTenant } from '#src/test-utils/tenant.js';
const { jest } = import.meta;
const mockDomain = 'app.example.com';
const protectedAppSignInCallbackUrl = 'sign-in-callback';
const updateApplicationById = jest.fn();
const findApplicationById = jest.fn(async () => mockProtectedApplication);
@ -109,8 +110,8 @@ describe('application protected app metadata routes', () => {
`https://${mockDomain}`,
],
redirectUris: [
`https://${mockProtectedApplication.protectedAppMetadata.host}/callback`,
`https://${mockDomain}/callback`,
`https://${mockProtectedApplication.protectedAppMetadata.host}/${protectedAppSignInCallbackUrl}`,
`https://${mockDomain}/${protectedAppSignInCallbackUrl}`,
],
},
});
@ -169,7 +170,9 @@ describe('application protected app metadata routes', () => {
},
oidcClientMetadata: {
postLogoutRedirectUris: [`https://${mockProtectedApplication.protectedAppMetadata.host}`],
redirectUris: [`https://${mockProtectedApplication.protectedAppMetadata.host}/callback`],
redirectUris: [
`https://${mockProtectedApplication.protectedAppMetadata.host}/${protectedAppSignInCallbackUrl}`,
],
},
});
expect(deleteDomainFromRemote).toHaveBeenCalledWith(mockCloudflareData.id);

View file

@ -1,6 +1,7 @@
import { customDomainsGuard } from '@logto/schemas';
import { z } from 'zod';
import { protectedAppSignInCallbackUrl } from '#src/constants/index.js';
import RequestError from '#src/errors/RequestError/index.js';
import koaGuard from '#src/middleware/koa-guard.js';
import assertThat from '#src/utils/assert-that.js';
@ -94,7 +95,10 @@ export default function applicationProtectedAppMetadataRoutes<T extends AuthedRo
await updateApplicationById(id, {
protectedAppMetadata: { ...protectedAppMetadata, customDomains: [customDomain] },
oidcClientMetadata: {
redirectUris: [...oidcClientMetadata.redirectUris, `https://${domain}/callback`],
redirectUris: [
...oidcClientMetadata.redirectUris,
`https://${domain}/${protectedAppSignInCallbackUrl}`,
],
postLogoutRedirectUris: [
...oidcClientMetadata.postLogoutRedirectUris,
`https://${domain}`,
@ -153,7 +157,7 @@ export default function applicationProtectedAppMetadataRoutes<T extends AuthedRo
oidcClientMetadata: {
...oidcClientMetadata,
redirectUris: oidcClientMetadata.redirectUris.filter(
(uri) => uri !== `https://${domain}/callback`
(uri) => uri !== `https://${domain}/${protectedAppSignInCallbackUrl}`
),
postLogoutRedirectUris: oidcClientMetadata.postLogoutRedirectUris.filter(
(uri) => uri !== `https://${domain}`

View file

@ -8,6 +8,7 @@ import {
mockCustomDomain,
mockProtectedApplication,
} from '#src/__mocks__/index.js';
import { protectedAppSignInCallbackUrl } from '#src/constants/index.js';
import { mockId, mockIdGenerators } from '#src/test-utils/nanoid.js';
import { createMockQuotaLibrary } from '#src/test-utils/quota.js';
import { MockTenant } from '#src/test-utils/tenant.js';
@ -137,7 +138,7 @@ describe('application route', () => {
type,
protectedAppMetadata,
oidcClientMetadata: {
redirectUris: [`https://${protectedAppMetadata.host}/callback`],
redirectUris: [`https://${protectedAppMetadata.host}/${protectedAppSignInCallbackUrl}`],
postLogoutRedirectUris: [`https://${protectedAppMetadata.host}`],
},
});