SSO: Remove pick function

2025-02-01 00:18:14 +01:00 · 2024-01-25 11:44:20 +01:00 · 2024-01-25 11:44:20 +01:00 · edb5ff1e33
commit edb5ff1e33
parent d4ed6348ee
1 changed files with 5 additions and 20 deletions
--- a/server/Auth.js
+++ b/server/Auth.js
@ -315,23 +315,19 @@ class Auth {

        let { code_challenge, code_challenge_method, code_verifier } = generatePkce(req, isMobileFlow)

-        const params = {
-          state,
-          // other passport strategy params and redirect_uri
-          ...oidcStrategy._params
-        }
-
        req.session[sessionKey] = {
          ...req.session[sessionKey],
-          ...pick(params, 'state', 'max_age', 'response_type'),
+          state: state,
+          max_age: oidcStrategy._params.max_age,
+          response_type: 'code',
          code_verifier: code_verifier, // not null if web flow
          mobile: req.query.redirect_uri, // Used in the abs callback later, set mobile if redirect_uri is filled out
          sso_redirect_uri: oidcStrategy._params.redirect_uri // Save the redirect_uri (for the SSO Provider) for the callback
        }

        const authorizationUrl = client.authorizationUrl({
-          ...params,
-          scope: 'openid profile email',
+          ...oidcStrategy._params,
+          state: state,
          response_type: 'code',
          code_challenge,
          code_challenge_method
@ -369,17 +365,6 @@ class Auth {
        return Database.serverSettings.authOpenIDMobileRedirectURIs.includes(uri) ||
          (Database.serverSettings.authOpenIDMobileRedirectURIs.length === 1 && Database.serverSettings.authOpenIDMobileRedirectURIs[0] === '*')
      }
-
-      // helper function from openid-client
-      function pick(object, ...paths) {
-        const obj = {}
-        for (const path of paths) {
-          if (object[path] !== undefined) {
-            obj[path] = object[path]
-          }
-        }
-        return obj
-      }
    })

    // This will be the oauth2 callback route for mobile clients