
Commit 9a4d140

committed
fix(login): wrong encoding issue on backUrl param
1 parent 9e12c50 commit 9a4d140

1 file changed

Lines changed: 32 additions & 23 deletions


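--- a/src/components/security/methods.js
+++ b/src/components/security/methods.js
@@ -2,7 +2,6 @@ import {
 base64URLEncode,
 getAuthCallback,
 getCurrentLocation,
-getCurrentPathName,
 getFromLocalStorage,
 removeFromLocalStorage,
 getOrigin,
@@ -14,8 +13,24 @@ import moment from "moment-timezone";
 import request from 'superagent/lib/client';
 import SuperTokensLock from 'browser-tabs-lock';
 import Cookies from 'js-cookie'
-
 let http = request;
+import URI from "urijs";
+import IdTokenVerifier from "idtoken-verifier";
+import {SET_LOGGED_USER} from "./actions";
+import {getRandomBytes, getSHA256} from "../../utils/crypto";
+
+import {
+AUTH_ERROR_ACCESS_TOKEN_EXPIRED,
+AUTH_ERROR_MISSING_AUTH_INFO,
+AUTH_ERROR_MISSING_REFRESH_TOKEN,
+AUTH_ERROR_LOCK_ACQUIRE_ERROR,
+AUTH_ERROR_REFRESH_TOKEN_REQUEST_ERROR,
+AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR,
+AUTH_ERROR_ID_TOKEN_INVALID,
+AUTH_ERROR_MISSING_OTP_PARAM,
+AUTH_ERROR_MISSING_PKCE_PARAM,
+AUTH_ERROR_MISSING_NONCE_PARAM,
+} from "./constants";
 
 /**
 * @ignore
@@ -34,24 +49,8 @@ const AUTH_INFO = 'authInfo';
 const NONCE = 'nonce';
 const PKCE = 'pkce';
 const ID_TOKEN = 'idToken';
+const BACK_ULR_PARAM_NAME = 'BackUrl';
 
-import URI from "urijs";
-import IdTokenVerifier from "idtoken-verifier";
-import {SET_LOGGED_USER} from "./actions";
-import {getRandomBytes, getSHA256} from "../../utils/crypto";
-
-import {
-AUTH_ERROR_ACCESS_TOKEN_EXPIRED,
-AUTH_ERROR_MISSING_AUTH_INFO,
-AUTH_ERROR_MISSING_REFRESH_TOKEN,
-AUTH_ERROR_LOCK_ACQUIRE_ERROR,
-AUTH_ERROR_REFRESH_TOKEN_REQUEST_ERROR,
-AUTH_ERROR_REFRESH_TOKEN_NETWORK_ERROR,
-AUTH_ERROR_ID_TOKEN_INVALID,
-AUTH_ERROR_MISSING_OTP_PARAM,
-AUTH_ERROR_MISSING_PKCE_PARAM,
-AUTH_ERROR_MISSING_NONCE_PARAM,
-} from "./constants";
 
 /**
 *
@@ -62,6 +61,7 @@ import {
 * @param loginHint
 * @param otpLoginHint
 * @param tenant
+* @param backUrlParamName
 * @returns {*}
 */
 export const getAuthUrl = (
@@ -71,7 +71,9 @@ export const getAuthUrl = (
 provider = null,
 loginHint = null,
 otpLoginHint = null,
-tenant = null) => {
+tenant = null,
+backUrlParamName = BACK_ULR_PARAM_NAME
+) => {
 
 let oauth2ClientId = getOAuth2ClientId();
 let redirectUri = getAuthCallback();
@@ -80,7 +82,7 @@ export const getAuthUrl = (
 let flow = getOAuth2Flow();
 
 if (backUrl != null)
-redirectUri += `?BackUrl=${encodeURI(backUrl)}`;
+redirectUri += `?${backUrlParamName}=${encodeURIComponent(backUrl)}`;
 
 let nonce = createNonce(NONCE_LEN);
 
@@ -222,7 +224,14 @@ const createPKCECodes = () => {
 return codePair
 }
 
-export const emitAccessToken = async (code, backUrl = null) => {
+/**
+
+* @param code
+* @param backUrl
+* @param backUrlParamName
+* @returns {Promise<{access_token: *, refresh_token: *, id_token: *, expires_in: *, error: *, error_description: *}>}
+*/
+export const emitAccessToken = async (code, backUrl = null, backUrlParamName = BACK_ULR_PARAM_NAME) => {
 
 let baseUrl = getOAuth2IDPBaseUrl();
 let oauth2ClientId = getOAuth2ClientId();
@@ -233,7 +242,7 @@ export const emitAccessToken = async (code, backUrl = null) => {
 throw Error(AUTH_ERROR_MISSING_PKCE_PARAM);
 
 if (backUrl != null)
-redirectUri += `?BackUrl=${encodeURI(backUrl)}`;
+redirectUri += `?${backUrlParamName}=${encodeURIComponent(backUrl)}`;
 
 const payload = {
 'code': code,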
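Review bot: The `?${backUrlParamName}=${encodeURIComponent(backUrl)}` suffix is now built separately in `getAuthUrl` and `emitAccessToken`, each taking its own `backUrlParamName` argument, and the parameter name is interpolated without encoding. OAuth2 servers typically compare the `redirect_uri` of the token request with the one sent in the authorization request, so a caller that passes different names to the two functions, or a name containing `&`, `=` or `#`, would get a mismatch or a malformed query. Building the suffix in one helper that encodes both parts keeps the two strings identical; the new constant could also be spelled `BACK_URL_PARAM_NAME` while it has no other users. Both function bodies continue outside the hunks, and nothing visible here restricts `backUrl` to a same-origin path, so the code that later navigates to it should presumably enforce that.

```javascript
// Builds the redirect_uri suffix in one place so the authorize request and
// the token exchange always send the same string.
const appendBackUrl = (redirectUri, backUrl, backUrlParamName = BACK_ULR_PARAM_NAME) => {
    if (backUrl == null) return redirectUri;
    return `${redirectUri}?${encodeURIComponent(backUrlParamName)}=${encodeURIComponent(backUrl)}`;
};

// … unchanged: getAuthUrl signature, client id and flow lookups …
    redirectUri = appendBackUrl(redirectUri, backUrl, backUrlParamName);

// … unchanged: emitAccessToken signature and PKCE check …
    redirectUri = appendBackUrl(redirectUri, backUrl, backUrlParamName);
```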
