fix: fix oauth oidc flow

2026-06-08 12:30:17 +00:00 · 2026-06-06 17:02:06 +03:00
parent da9079246a
commit f078e3549e
3 changed files with 20 additions and 25 deletions
@@ -61,7 +61,7 @@ func (controller *OAuthController) oauthURLHandler(c *gin.Context) {
 		return
 	}

-	var reqParams service.OAuthURLParams
+	var reqParams service.OAuthCallbackParams

 	err = c.BindQuery(&reqParams)

@@ -83,7 +83,7 @@ func (controller *OAuthController) oauthURLHandler(c *gin.Context) {
 		}
 	}

-	sessionId, _, err := controller.auth.NewOAuthSession(req.Provider, reqParams)
+	sessionId, err := controller.auth.NewOAuthSession(req.Provider, reqParams)

 	if err != nil {
 		controller.log.App.Error().Err(err).Msg("Failed to create new OAuth session")
@@ -272,7 +272,7 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
 			c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.runtime.AppURL))
 			return
 		}
-		c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/authorize?%s", controller.runtime.AppURL, queries.Encode()))
+		c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/oidc/authorize?%s", controller.runtime.AppURL, queries.Encode()))
 		return
 	}

@@ -294,11 +294,8 @@ func (controller *OAuthController) oauthCallbackHandler(c *gin.Context) {
 	c.Redirect(http.StatusTemporaryRedirect, controller.runtime.AppURL)
 }

-func (controller *OAuthController) isOidcRequest(params service.OAuthURLParams) bool {
-	return params.Scope != "" &&
-		params.ResponseType != "" &&
-		params.ClientID != "" &&
-		params.RedirectURI != ""
+func (controller *OAuthController) isOidcRequest(params service.OAuthCallbackParams) bool {
+	return params.LoginFor == "oidc"
 }

 func (controller *OAuthController) getCookieDomain() string {
@@ -9,6 +9,7 @@ import (
 	"strings"

 	"github.com/gin-gonic/gin"
+	"github.com/gin-gonic/gin/binding"
 	"github.com/google/go-querystring/query"

 	"github.com/tinyauthapp/tinyauth/internal/model"
@@ -116,7 +117,7 @@ func (controller *OIDCController) authorize(c *gin.Context) {

 	var req service.AuthorizeRequest

-	err := c.Bind(&req)
+	err := c.ShouldBindWith(&req, binding.Query)

 	if err != nil {
 		controller.authorizeError(c, authorizeErrorParams{