limepotato/jormungandr-bite
1
0
Fork 0
mirror of https://iceshrimp.dev/limepotato/jormungandr-bite.git synced 2024-11-22 09:57:29 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

[mastodon-client] Correctly implement multiple callback URIs for OAuth, resolves #150

Browse source
This commit is contained in:
Laura Hausmann 2023-09-03 02:47:28 +02:00
parent 29099e4635
commit 5d1a61cb95
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
packages/client/src/pages/auth.vue
View file

@ -111,7 +111,13 @@ export default defineComponent({
}, {}); }, {});
const isMastodon = !!getUrlParams().mastodon; const isMastodon = !!getUrlParams().mastodon;
if (this.session.app.callbackUrl && isMastodon) { if (this.session.app.callbackUrl && isMastodon) {
const callbackUrl = new URL(this.session.app.callbackUrl); const redirectUri = decodeURIComponent(getUrlParams().redirect_uri);
if (!this.session.app.callbackUrl.split('\n').some(p => p === redirectUri)){
this.state = "fetch-session-error";
this.fetching = false;
throw new Error("callback uri doesn't match registered app");
}
const callbackUrl = new URL(redirectUri)
callbackUrl.searchParams.append("code", this.session.token); callbackUrl.searchParams.append("code", this.session.token);
if (!!getUrlParams().state) if (!!getUrlParams().state)
callbackUrl.searchParams.append( callbackUrl.searchParams.append(