fix(authentication-oauth): Update OAuth redirect to handle user requested redirect paths (#3186)

engineertdog · web-flow · commit 37420283c17b · 2023-05-04T21:30:21.000-07:00
diff --git a/packages/authentication-oauth/src/strategy.ts b/packages/authentication-oauth/src/strategy.ts
@@ -96,7 +96,7 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
     }
 
     const redirectUrl = `${redirect}${queryRedirect}`
-    const separator = redirect.endsWith('?') ? '' : redirect.indexOf('#') !== -1 ? '?' : '#'
+    const separator = redirectUrl.endsWith('?') ? '' : redirect.indexOf('#') !== -1 ? '?' : '#'
     const authResult: AuthenticationResult = data
     const query = authResult.accessToken
       ? { access_token: authResult.accessToken }
diff --git a/packages/authentication-oauth/test/strategy.test.ts b/packages/authentication-oauth/test/strategy.test.ts
@@ -43,6 +43,14 @@ describe('@feathersjs/authentication-oauth/strategy', () => {
     )
     assert.strictEqual('/home/hi-there#access_token=testing', redirect)
 
+    redirect = await strategy.getRedirect(
+      { accessToken: 'testing' },
+      {
+        redirect: '/hi-there?'
+      }
+    )
+    assert.equal(redirect, '/home/hi-there?access_token=testing')
+
     redirect = await strategy.getRedirect(new Error('something went wrong'))
     assert.equal(redirect, '/home#error=something%20went%20wrong')
 

Original file line number	Diff line number	Diff line change
`@@ -96,7 +96,7 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {`
`96`	`96`	`}`
`97`	`97`
`98`	`98`	const redirectUrl = `${redirect}${queryRedirect}`
`99`		`- const separator = redirect.endsWith('?') ? '' : redirect.indexOf('#') !== -1 ? '?' : '#'`
	`99`	`+ const separator = redirectUrl.endsWith('?') ? '' : redirect.indexOf('#') !== -1 ? '?' : '#'`
`100`	`100`	`const authResult: AuthenticationResult = data`
`101`	`101`	`const query = authResult.accessToken`
`102`	`102`	`? { access_token: authResult.accessToken }`