Login:OAuth2: fix consent state
This commit is contained in:
parent
045452631e
commit
70ab743bf0
@ -38,12 +38,7 @@ const App: React.FC<ILoginProps> = (props) => {
|
||||
<Routes>
|
||||
<Route
|
||||
path="/login/consent"
|
||||
element={
|
||||
<Login
|
||||
isConsent={props.isAuth && !!props.oauth?.state}
|
||||
{...props}
|
||||
/>
|
||||
}
|
||||
element={<Login isConsent={props.isAuth} {...props} />}
|
||||
/>
|
||||
<Route path="/login/error" element={<InvalidRoute {...props} />} />
|
||||
{/*<Route path="/login/code" element={<CodeLogin {...props} />} />*/}
|
||||
|
||||
@ -20,10 +20,9 @@ import Link from "@docspace/components/link";
|
||||
import Avatar from "@docspace/components/avatar";
|
||||
//@ts-ignore
|
||||
import { Base } from "@docspace/components/themes";
|
||||
//@ts-ignore
|
||||
import { getCookie } from "@docspace/components/utils/cookie";
|
||||
|
||||
import OAuthClientInfo from "./oauth-client-info";
|
||||
import { deleteCookie, setCookie } from "@docspace/common/utils";
|
||||
|
||||
const StyledFormWrapper = styled(FormWrapper)`
|
||||
width: 416px;
|
||||
@ -82,30 +81,29 @@ const Consent = ({ oauth, theme, setIsConsentScreen }: IConsentProps) => {
|
||||
const onAllowClick = async () => {
|
||||
const clientId = oauth.clientId;
|
||||
|
||||
let clientState = oauth.state;
|
||||
let clientState = "";
|
||||
const scope = oauth.client.scopes;
|
||||
|
||||
if (!clientState) {
|
||||
const getCookie = () => {
|
||||
setCookie("client_id", clientId);
|
||||
|
||||
await api.oauth.onOAuthLogin();
|
||||
|
||||
const cookie = document.cookie.split(";");
|
||||
|
||||
cookie.forEach((c) => {
|
||||
if (c.includes("client_state"))
|
||||
clientState = c.replace("client_state=", "").trim();
|
||||
});
|
||||
};
|
||||
|
||||
getCookie();
|
||||
|
||||
if (!clientState) await api.oauth.onOAuthLogin();
|
||||
|
||||
getCookie();
|
||||
}
|
||||
deleteCookie("client_id");
|
||||
deleteCookie("client_state");
|
||||
|
||||
await api.oauth.onOAuthSubmit(clientId, clientState, scope);
|
||||
};
|
||||
|
||||
const onDenyClick = () => {
|
||||
deleteCookie("client_id");
|
||||
deleteCookie("client_state");
|
||||
window.location.href = oauth.client.websiteUrl;
|
||||
};
|
||||
|
||||
|
||||
@ -60,7 +60,6 @@ app.get("*", async (req: ILoginRequest, res: Response, next) => {
|
||||
|
||||
try {
|
||||
const oauthClientId = (query.client_id as string) || "";
|
||||
let oauthClientState = (query.state as string) || "";
|
||||
|
||||
const isOAuth = query.type === "oauth2" && !!oauthClientId;
|
||||
|
||||
@ -88,19 +87,8 @@ app.get("*", async (req: ILoginRequest, res: Response, next) => {
|
||||
isAuth
|
||||
);
|
||||
|
||||
if (isAuth && !oauthClientState) {
|
||||
const cookieState = headers.cookie
|
||||
?.split(";")
|
||||
.find((c) => c.includes("client_state"))
|
||||
?.replace("client_state=", "")
|
||||
.trim();
|
||||
const isConsent = isAuth;
|
||||
|
||||
if (cookieState) oauthClientState = cookieState;
|
||||
}
|
||||
|
||||
const isConsent = isAuth && isOAuth;
|
||||
|
||||
oauthState.state = oauthClientState || "";
|
||||
oauthState.isConsent = !!isConsent;
|
||||
|
||||
isCorrectOAuth = !!oauthState?.client.name;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user