mirror of
https://github.com/steveiliop56/tinyauth.git
synced 2026-07-14 14:01:34 +00:00
feat: allow existing query params in oidc redirect uri (#1003)
This commit is contained in:
@@ -5,6 +5,7 @@ import (
|
|||||||
"errors"
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/url"
|
||||||
"slices"
|
"slices"
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
@@ -343,27 +344,31 @@ func (controller *OIDCController) authorizeComplete(c *gin.Context) {
|
|||||||
// Create the authorization code
|
// Create the authorization code
|
||||||
code := controller.oidc.CreateCode(*authorizeReq, *userContext)
|
code := controller.oidc.CreateCode(*authorizeReq, *userContext)
|
||||||
|
|
||||||
queries, err := query.Values(AuthorizeCallback{
|
cu, err := url.Parse(authorizeReq.RedirectURI)
|
||||||
Code: code,
|
|
||||||
State: authorizeReq.State,
|
|
||||||
})
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
controller.authorizeError(c, authorizeErrorParams{
|
controller.authorizeError(c, authorizeErrorParams{
|
||||||
err: err,
|
err: err,
|
||||||
reason: "Failed to build query",
|
reason: "Failed to parse redirect URI",
|
||||||
reasonPublic: "Failed to build query",
|
reasonPublic: "Failed to parse redirect URI",
|
||||||
callback: authorizeReq.RedirectURI,
|
json: true,
|
||||||
callbackError: "server_error",
|
|
||||||
state: authorizeReq.State,
|
|
||||||
json: true,
|
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
q := cu.Query()
|
||||||
|
|
||||||
|
q.Set("code", code)
|
||||||
|
|
||||||
|
if authorizeReq.State != "" {
|
||||||
|
q.Set("state", authorizeReq.State)
|
||||||
|
}
|
||||||
|
|
||||||
|
cu.RawQuery = q.Encode()
|
||||||
|
|
||||||
c.JSON(200, gin.H{
|
c.JSON(200, gin.H{
|
||||||
"status": 200,
|
"status": 200,
|
||||||
"redirect_uri": fmt.Sprintf("%s?%s", authorizeReq.RedirectURI, queries.Encode()),
|
"redirect_uri": cu.String(),
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -639,37 +644,37 @@ func (controller *OIDCController) authorizeError(c *gin.Context, params authoriz
|
|||||||
controller.log.App.Error().Err(params.err).Str("reason", params.reason).Msg("Authorization error")
|
controller.log.App.Error().Err(params.err).Str("reason", params.reason).Msg("Authorization error")
|
||||||
|
|
||||||
if params.callback != "" {
|
if params.callback != "" {
|
||||||
errorQueries := CallbackError{
|
cu, err := url.Parse(params.callback)
|
||||||
Error: params.callbackError,
|
|
||||||
}
|
|
||||||
|
|
||||||
if params.reasonPublic != "" {
|
|
||||||
errorQueries.ErrorDescription = params.reasonPublic
|
|
||||||
}
|
|
||||||
|
|
||||||
if params.state != "" {
|
|
||||||
errorQueries.State = params.state
|
|
||||||
}
|
|
||||||
|
|
||||||
queries, err := query.Values(errorQueries)
|
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
controller.log.App.Error().Err(err).Msg("Failed to build callback error query")
|
controller.log.App.Error().Err(err).Msg("Failed to parse callback URL")
|
||||||
c.AbortWithStatus(http.StatusInternalServerError)
|
c.AbortWithStatus(http.StatusInternalServerError)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
redirectUrl := fmt.Sprintf("%s?%s", params.callback, queries.Encode())
|
q := cu.Query()
|
||||||
|
|
||||||
|
q.Set("error", params.callbackError)
|
||||||
|
|
||||||
|
if params.reasonPublic != "" {
|
||||||
|
q.Set("error_description", params.reasonPublic)
|
||||||
|
}
|
||||||
|
|
||||||
|
if params.state != "" {
|
||||||
|
q.Set("state", params.state)
|
||||||
|
}
|
||||||
|
|
||||||
|
cu.RawQuery = q.Encode()
|
||||||
|
|
||||||
if params.json {
|
if params.json {
|
||||||
c.JSON(200, gin.H{
|
c.JSON(200, gin.H{
|
||||||
"status": 200,
|
"status": 200,
|
||||||
"redirect_uri": redirectUrl,
|
"redirect_uri": cu.String(),
|
||||||
})
|
})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
c.Redirect(http.StatusFound, redirectUrl)
|
c.Redirect(http.StatusFound, cu.String())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user