barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-06-26 21:30:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: cleanup oauth provider redirect url

Browse Source
This commit is contained in:
Stavros
2026-06-21 20:54:53 +03:00
parent 8a8426c705
commit 76aebc5728
3 changed files with 25 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/bootstrap/app_bootstrap.go
+23 -1
View File
@@ -273,12 +273,16 @@ func (app *BootstrapApp) Setup() error {
app.runtime.ConfiguredProviders = configuredProviders app.runtime.ConfiguredProviders = configuredProviders
// force tailscale app url if listening on a tailscale address // if tailscale is enabled and listening, replace the app url with the tailscale hostname
if app.services.tailscaleService != nil && app.config.Tailscale.Listen { if app.services.tailscaleService != nil && app.config.Tailscale.Listen {
tailscaleUrl := "https://" + app.services.tailscaleService.GetHostname() tailscaleUrl := "https://" + app.services.tailscaleService.GetHostname()
// if the tailscale url is different from the app url, replace it
if tailscaleUrl != app.runtime.AppURL { if tailscaleUrl != app.runtime.AppURL {
app.log.App.Info().Msg("Listening on tailscale, replacing app url with tailscale hostname") app.log.App.Info().Msg("Listening on tailscale, replacing app url with tailscale hostname")
app.runtime.AppURL = tailscaleUrl app.runtime.AppURL = tailscaleUrl
// also update cookie domain // also update cookie domain
cookieDomain, err := utils.GetCookieDomain(tailscaleUrl, app.config.Auth.SubdomainsEnabled) cookieDomain, err := utils.GetCookieDomain(tailscaleUrl, app.config.Auth.SubdomainsEnabled)
@@ -290,6 +294,24 @@ func (app *BootstrapApp) Setup() error {
} }
} }
// force an update of the redirect urls for all oauth providers, if they are empty
services := app.services.oauthBrokerService.GetConfiguredServices()
for _, service := range services {
oauthService, ok := app.services.oauthBrokerService.GetService(service)
if !ok {
return fmt.Errorf("failed to get oauth service for provider %s", service)
}
providerConfig := oauthService.GetConfig()
if providerConfig.RedirectURL == "" {
providerConfig.RedirectURL = app.runtime.AppURL + "/api/oauth/callback/" + service
oauthService.UpdateConfig(providerConfig)
}
}
// setup router // setup router
err = app.setupRouter() err = app.setupRouter()
internal/controller/oauth_controller.go
+1 -1
View File
@@ -350,7 +350,7 @@ func (controller *OAuthController) isRedirectSafe(redirectURI string) bool {
return false return false
} }
if strings.EqualFold(u.Host, au.Host) { if strings.EqualFold(u.Hostname(), au.Hostname()) {
return true return true
} }
internal/service/auth_service.go
+1 -12
View File
@@ -544,18 +544,7 @@ func (auth *AuthService) GetOAuthURL(sessionId string) (string, error) {
return "", err return "", err
} }
svc := session.Service return session.Service.GetAuthURL(session.State, session.Verifier), nil
cfg := svc.GetConfig()
// If the redirect URL is not set in the service config, we set it ourselves
if cfg.RedirectURL == "" {
cfg.RedirectURL = auth.runtime.AppURL + "/api/oauth/callback/" + svc.ID()
}
svc.UpdateConfig(cfg)
return svc.GetAuthURL(session.State, session.Verifier), nil
} }
func (auth *AuthService) GetOAuthToken(sessionId string, code string) (*oauth2.Token, error) { func (auth *AuthService) GetOAuthToken(sessionId string, code string) (*oauth2.Token, error) {