Mirrors/audiobookshelf
Mirrors/audiobookshelf
1
0
Fork 0
mirror of https://github.com/advplyr/audiobookshelf.git synced 2025-01-22 00:07:52 +01:00
Code Issues Packages Projects Releases Wiki Activity

SSO/OpenID: Remove modifying redirect_uri in the callback

Browse Source 
The redirect URI will be now correctly set to either /callback or /mobile-redirect in the /auth/openid route
This commit is contained in:
Denis Arnst 2023-12-05 00:18:58 +01:00
parent 80fd2a1a18
commit e6ab28365f
1 changed files with 3 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
server/Auth.js
View File

@ -359,7 +359,7 @@ class Auth {
scope: 'openid profile email',
response_type: 'code',
code_challenge,
code_challenge_method,
code_challenge_method
})
// params (isRest, callback) to a cookie that will be send to the client
@ -460,11 +460,8 @@ class Auth {
// While not required by the standard, the passport plugin re-sends the original redirect_uri in the token request
// We need to set it correctly, as some SSO providers (e.g. keycloak) check that parameter when it is provided
if (req.session[sessionKey].mobile) {
return passport.authenticate('openid-client', { redirect_uri: 'audiobookshelf://oauth' }, passportCallback(req, res, next))(req, res, next)
} else {
return passport.authenticate('openid-client', passportCallback(req, res, next))(req, res, next)
}
// This is already done in the strategy in the route to /auth/openid using oidcStrategy._params.redirect_uri
return passport.authenticate('openid-client', passportCallback(req, res, next))(req, res, next)
},
// on a successfull login: read the cookies and react like the client requested (callback or json)
this.handleLoginSuccessBasedOnCookie.bind(this))