Fix #1683 allow OAuth2 authorizationUrl with user provided query parameters (#1712)

This commit is contained in:
Mateusz Pietryga 2024-03-04 12:51:12 +01:00 committed by GitHub
parent e2d1f52993
commit 5f35d71b8b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -47,10 +47,13 @@ const getOAuth2AuthorizationCode = (request, codeChallenge) => {
const { oauth2 } = request; const { oauth2 } = request;
const { callbackUrl, clientId, authorizationUrl, scope, pkce } = oauth2; const { callbackUrl, clientId, authorizationUrl, scope, pkce } = oauth2;
let authorizationUrlWithQueryParams = `${authorizationUrl}?client_id=${clientId}&redirect_uri=${callbackUrl}&response_type=code&scope=${scope}`; let oauth2QueryParams =
(authorizationUrl.indexOf('?') > -1 ? '&' : '?') +
`client_id=${clientId}&redirect_uri=${callbackUrl}&response_type=code&scope=${scope}`;
if (pkce) { if (pkce) {
authorizationUrlWithQueryParams += `&code_challenge=${codeChallenge}&code_challenge_method=S256`; oauth2QueryParams += `&code_challenge=${codeChallenge}&code_challenge_method=S256`;
} }
const authorizationUrlWithQueryParams = authorizationUrl + oauth2QueryParams;
try { try {
const { authorizationCode } = await authorizeUserInWindow({ const { authorizationCode } = await authorizeUserInWindow({
authorizeUrl: authorizationUrlWithQueryParams, authorizeUrl: authorizationUrlWithQueryParams,