diff --git a/frontend/src/lib/hooks/oidc.ts b/frontend/src/lib/hooks/oidc.ts index 3090eae..99c5237 100644 --- a/frontend/src/lib/hooks/oidc.ts +++ b/frontend/src/lib/hooks/oidc.ts @@ -1,15 +1,14 @@ import { z } from "zod"; export const oidcParamsSchema = z.object({ - scope: z.string(), - response_type: z.string(), - client_id: z.string(), - redirect_uri: z.string(), + scope: z.string().nonempty(), + response_type: z.string().nonempty(), + client_id: z.string().nonempty(), + redirect_uri: z.string().nonempty(), state: z.string().optional(), nonce: z.string().optional(), code_challenge: z.string().optional(), code_challenge_method: z.string().optional(), - prompt: z.string().optional(), }); export const useOIDCParams = ( diff --git a/frontend/src/pages/authorize-page.tsx b/frontend/src/pages/authorize-page.tsx index 6edc8a5..24357d2 100644 --- a/frontend/src/pages/authorize-page.tsx +++ b/frontend/src/pages/authorize-page.tsx @@ -78,7 +78,7 @@ export const AuthorizePage = () => { queryKey: ["client", oidcParams.values.client_id], queryFn: async () => { const res = await fetch( - `/api/oidc/clients/${oidcParams.values.client_id}`, + `/api/oidc/clients/${encodeURIComponent(oidcParams.values.client_id)}`, ); const data = await getOidcClientInfoSchema.parseAsync(await res.json()); return data; diff --git a/frontend/src/pages/login-page.tsx b/frontend/src/pages/login-page.tsx index 48203ec..e385b4b 100644 --- a/frontend/src/pages/login-page.tsx +++ b/frontend/src/pages/login-page.tsx @@ -106,6 +106,10 @@ export const LoginPage = () => { mutationKey: ["login"], onSuccess: (data) => { if (data.data.totpPending) { + if (oidcParams.isOidc) { + window.location.replace(`/totp?${oidcParams.compiled}`); + return; + } window.location.replace( `/totp${redirectUri ? `?redirect_uri=${encodeURIComponent(redirectUri)}` : ""}`, ); @@ -171,7 +175,7 @@ export const LoginPage = () => { return ; } - if (isLoggedIn && redirectUri !== "") { + if (isLoggedIn && redirectUri !== undefined) { return (