chore: redirect to requested URL path after OIDC authenticaton

2023-02-20 09:25:16 +00:00 · 2023-02-20 09:25:16 +00:00 · e2ac1ad707
commit e2ac1ad707
parent e89d343e23
3 changed files with 18 additions and 8 deletions
--- a/auth/oidc.go
+++ b/auth/oidc.go
@ -55,7 +55,6 @@ func (o *OAuthClient) InitClient() {
 	ctx := context.Background()
 	provider, err := oidc.NewProvider(ctx, o.Issuer)
 	if err != nil {
-		fmt.Println(err)
 		log.Fatal(err)
 	}

@ -74,6 +73,7 @@ func (o *OAuthClient) InitAuthFlow(w http.ResponseWriter, r *http.Request) {
 	o.InitClient()
 	state := fmt.Sprintf("%x", rand.Uint32())
 	nonce := fmt.Sprintf("%x", rand.Uint32())
+	o.OAuth2Config.RedirectURL += "?redirect=" + r.URL.Path
 	url := o.OAuth2Config.AuthCodeURL(state, oidc.Nonce(nonce))

 	log.Println("oidc init flow ", url)
@ -84,7 +84,6 @@ func (o *OAuthClient) InitAuthFlow(w http.ResponseWriter, r *http.Request) {
 // HandleAuthCallback manages code exchange and obtains the id token.
 func (o *OAuthClient) HandleAuthCallback(r *http.Request, usr users.Store, srv *settings.Server) (*users.User, error) {
 	o.InitClient()
-
 	code := r.URL.Query().Get("code")
 	stateQuery := r.URL.Query().Get("state")
 	stateCookie, err := r.Cookie("state")
--- a/frontend/src/utils/auth.js
+++ b/frontend/src/utils/auth.js
@ -1,7 +1,7 @@
 import store from "@/store";
 import router from "@/router";
 import { Base64 } from "js-base64";
-import { baseURL } from "@/utils/constants";
+import { baseURL, authMethod } from "@/utils/constants";
 import cookie from "@/utils/cookie";

 export function parseToken(token) {
@ -23,7 +23,7 @@ export function parseToken(token) {
 export async function validateLogin() {
  let jwt = localStorage.getItem("jwt")

-  if (!jwt || jwt === "null") {
+  if (authMethod === 'oidc' && (!jwt || jwt === "null")) {
    jwt = cookie("auth");
  }

@ -69,6 +69,10 @@ export async function renew(jwt) {
  if (res.status === 200) {
    parseToken(body);
  } else {
+    if (authMethod === 'oidc') {
+      clearLoginState();
+      document.location.replace(document.location.pathname);
+    }
    throw new Error(body);
  }
 }
@ -90,10 +94,13 @@ export async function signup(username, password) {
 }

 export function logout() {
-  document.cookie = "auth=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/";
+  clearLoginState();
+  router.push({ path: "/login" });
+}

+function clearLoginState() {
+  document.cookie = "auth=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/";
  store.commit("setJWT", "");
  store.commit("setUser", null);
  localStorage.setItem("jwt", null);
-  router.push({ path: "/login" });
 }
--- a/http/auth.go
+++ b/http/auth.go
@ -223,8 +223,12 @@ func setTokenCookie(w http.ResponseWriter, r *http.Request, d *data, user *users
 		return http.StatusInternalServerError, err
 	}

+	redirect := "/files"
+	if r.URL.Query().Has("redirect") {
+		redirect = r.URL.Query().Get("redirect")
+	}
 	w.Header().Set("Set-Cookie", "auth="+signed+"; path=/")
-	http.Redirect(w, r, "/files", http.StatusMovedPermanently)
+	http.Redirect(w, r, redirect, http.StatusMovedPermanently)

 	return 0, nil
 }