Infrastructure/pingvin-share
0
Fork 0
mirror of https://github.com/stonith404/pingvin-share.git synced 2025-02-19 01:55:48 -05:00
Code Issues Activity

fix(oauth): fix wrong redirectUri in oidc after change appUrl (#296)

Browse source
This commit is contained in:
Qing Fu 2023-10-23 03:20:50 +08:00 committed by GitHub
parent e89e313712
commit 119b1ec840
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
backend/src/oauth/provider/genericOidc.provider.ts
View file

@ -9,7 +9,6 @@ import { OAuthProvider, OAuthToken } from "./oauthProvider.interface";
import { OAuthSignInDto } from "../dto/oauthSignIn.dto"; import { OAuthSignInDto } from "../dto/oauthSignIn.dto";
export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> { export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
protected redirectUri: string;
protected discoveryUri: string; protected discoveryUri: string;
private configuration: OidcConfigurationCache; private configuration: OidcConfigurationCache;
private jwk: OidcJwkCache; private jwk: OidcJwkCache;
@ -22,9 +21,6 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
protected cache: Cache, protected cache: Cache,
) { ) {
this.discoveryUri = this.getDiscoveryUri(); this.discoveryUri = this.getDiscoveryUri();
this.redirectUri = `${this.config.get(
"general.appUrl",
)}/api/oauth/callback/${this.name}`;
this.config.addListener("update", (key: string, _: unknown) => { this.config.addListener("update", (key: string, _: unknown) => {
if (this.keyOfConfigUpdateEvents.includes(key)) { if (this.keyOfConfigUpdateEvents.includes(key)) {
this.deinit(); this.deinit();
@ -33,6 +29,12 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
}); });
} }
protected getRedirectUri(): string {
return `${this.config.get("general.appUrl")}/api/oauth/callback/${
this.name
}`;
}
async getConfiguration(): Promise<OidcConfiguration> { async getConfiguration(): Promise<OidcConfiguration> {
if (!this.configuration || this.configuration.expires < Date.now()) { if (!this.configuration || this.configuration.expires < Date.now()) {
await this.fetchConfiguration(); await this.fetchConfiguration();
@ -65,7 +67,7 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
client_id: this.config.get(`oauth.${this.name}-clientId`), client_id: this.config.get(`oauth.${this.name}-clientId`),
response_type: "code", response_type: "code",
scope: "openid profile email", scope: "openid profile email",
redirect_uri: this.redirectUri, redirect_uri: this.getRedirectUri(),
state, state,
nonce, nonce,
}).toString() }).toString()
@ -85,7 +87,7 @@ export abstract class GenericOidcProvider implements OAuthProvider<OidcToken> {
client_secret: this.config.get(`oauth.${this.name}-clientSecret`), client_secret: this.config.get(`oauth.${this.name}-clientSecret`),
grant_type: "authorization_code", grant_type: "authorization_code",
code: query.code, code: query.code,
redirect_uri: this.redirectUri, redirect_uri: this.getRedirectUri(),
}).toString(), }).toString(),
}); });
const token: OidcToken = await res.json(); const token: OidcToken = await res.json();