Skip to content
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
59 changes: 32 additions & 27 deletions internal/controller/oidc_controller.go
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import (
"errors"
"fmt"
"net/http"
"net/url"
"slices"
"strconv"
"strings"
Expand Down Expand Up @@ -343,27 +344,31 @@ func (controller *OIDCController) authorizeComplete(c *gin.Context) {
// Create the authorization code
code := controller.oidc.CreateCode(*authorizeReq, *userContext)

queries, err := query.Values(AuthorizeCallback{
Code: code,
State: authorizeReq.State,
})
cu, err := url.Parse(authorizeReq.RedirectURI)

if err != nil {
controller.authorizeError(c, authorizeErrorParams{
err: err,
reason: "Failed to build query",
reasonPublic: "Failed to build query",
callback: authorizeReq.RedirectURI,
callbackError: "server_error",
state: authorizeReq.State,
json: true,
err: err,
reason: "Failed to parse redirect URI",
reasonPublic: "Failed to parse redirect URI",
json: true,
})
return
}

Comment thread
coderabbitai[bot] marked this conversation as resolved.
q := cu.Query()

q.Set("code", code)

if authorizeReq.State != "" {
q.Set("state", authorizeReq.State)
}

cu.RawQuery = q.Encode()

c.JSON(200, gin.H{
"status": 200,
"redirect_uri": fmt.Sprintf("%s?%s", authorizeReq.RedirectURI, queries.Encode()),
"redirect_uri": cu.String(),
})
}

Expand Down Expand Up @@ -639,37 +644,37 @@ func (controller *OIDCController) authorizeError(c *gin.Context, params authoriz
controller.log.App.Error().Err(params.err).Str("reason", params.reason).Msg("Authorization error")

if params.callback != "" {
errorQueries := CallbackError{
Error: params.callbackError,
cu, err := url.Parse(params.callback)

if err != nil {
controller.log.App.Error().Err(err).Msg("Failed to parse callback URL")
c.AbortWithStatus(http.StatusInternalServerError)
return
}

q := cu.Query()

q.Set("error", params.callbackError)

if params.reasonPublic != "" {
errorQueries.ErrorDescription = params.reasonPublic
q.Set("error_description", params.reasonPublic)
}

if params.state != "" {
errorQueries.State = params.state
}

queries, err := query.Values(errorQueries)

if err != nil {
controller.log.App.Error().Err(err).Msg("Failed to build callback error query")
c.AbortWithStatus(http.StatusInternalServerError)
return
q.Set("state", params.state)
}

redirectUrl := fmt.Sprintf("%s?%s", params.callback, queries.Encode())
cu.RawQuery = q.Encode()

if params.json {
c.JSON(200, gin.H{
"status": 200,
"redirect_uri": redirectUrl,
"redirect_uri": cu.String(),
})
return
}

c.Redirect(http.StatusFound, redirectUrl)
c.Redirect(http.StatusFound, cu.String())
return
}

Expand Down