mirror of
https://github.com/team-alembic/ash_authentication.git
synced 2024-09-19 21:03:23 +12:00
improvement: Change redirect_uri secret to be more flexible (#473)
Applies to both OAuth2 and OpenID Connect. With this the developer can provide either the full URL or the URL up to the AuthPlug path. If the suffix is already there we won't add it again. Should make it easier to get it on the first try.
This commit is contained in:
parent
c214067a18
commit
8a623ff6b0
3 changed files with 11 additions and 5 deletions
|
@ -325,8 +325,8 @@ OAuth2 authentication
|
|||
information.
|
||||
|
||||
* `:redirect_uri` - Required. The callback URI base.
|
||||
Not the whole URI back to the callback endpoint, but the URI to your
|
||||
`AuthPlug`. We can generate the rest.
|
||||
Either the whole URI back to the callback endpoint or the URI to your
|
||||
`AuthPlug`.
|
||||
Whilst not particularly secret, it seemed prudent to allow this to be
|
||||
configured dynamically so that you can use different URIs for
|
||||
different environments.
|
||||
|
|
|
@ -152,8 +152,8 @@ all the same configuration options should you need them.
|
|||
information.
|
||||
|
||||
* `:redirect_uri` - Required. The callback URI base.
|
||||
Not the whole URI back to the callback endpoint, but the URI to your
|
||||
`AuthPlug`. We can generate the rest.
|
||||
Either the whole URI back to the callback endpoint or the URI to your
|
||||
`AuthPlug`.
|
||||
Whilst not particularly secret, it seemed prudent to allow this to be
|
||||
configured dynamically so that you can use different URIs for
|
||||
different environments.
|
||||
|
|
|
@ -173,8 +173,14 @@ defmodule AshAuthentication.Strategy.OAuth2.Plug do
|
|||
with {:ok, subject_name} <- Info.authentication_subject_name(strategy.resource),
|
||||
{:ok, redirect_uri} <- fetch_secret(strategy, :redirect_uri),
|
||||
{:ok, uri} <- URI.new(redirect_uri) do
|
||||
suffix = Path.join([to_string(subject_name), to_string(strategy.name), "callback"])
|
||||
# Don't append the path if the secret ends with the path already
|
||||
path =
|
||||
Path.join([uri.path || "/", to_string(subject_name), to_string(strategy.name), "callback"])
|
||||
if String.ends_with?(uri.path, suffix) do
|
||||
uri.path
|
||||
else
|
||||
Path.join([uri.path || "/", suffix])
|
||||
end
|
||||
|
||||
{:ok, to_string(%URI{uri | path: path})}
|
||||
else
|
||||
|
|
Loading…
Reference in a new issue