Madeorsk/rudeshark.net
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[mastodon-client] Correctly implement multiple callback URIs for OAuth, resolves #150

Browse Source
This commit is contained in:
Laura Hausmann 2023-09-03 02:47:28 +02:00 committed by ThatOneCalculator
parent bdc89e5568
commit 738502f051
No known key found for this signature in database
GPG Key ID: 8703CACD01000000
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
packages/client/src/pages/auth.vue
View File

@ -111,7 +111,13 @@ export default defineComponent({
}, {});
const isMastodon = !!getUrlParams().mastodon;
if (this.session.app.callbackUrl && isMastodon) {
const callbackUrl = new URL(this.session.app.callbackUrl);
const redirectUri = decodeURIComponent(getUrlParams().redirect_uri);
if (!this.session.app.callbackUrl.split('\n').some(p => p === redirectUri)){
this.state = "fetch-session-error";
this.fetching = false;
throw new Error("callback uri doesn't match registered app");
}
const callbackUrl = new URL(redirectUri)
callbackUrl.searchParams.append("code", this.session.token);
if (getUrlParams().state)
callbackUrl.searchParams.append(