fix: for authorization with multiple redirects the one with redirect_…

…url should be considered #7646 (#7647) Signed-off-by: Arnab Dutta <arnab.bdutta@gmail.com>
JanssenProject · Feb 5, 2024 · 2541bb1 · 2541bb1
1 parent 794416c
commit 2541bb1
Showing 1 changed file with 20 additions and 3 deletions.
diff --git a/demos/jans-tarp/src/options/oidcClientDetails.tsx b/demos/jans-tarp/src/options/oidcClientDetails.tsx
@@ -59,6 +59,7 @@ const OIDCClientDetails = (data) => {
 
     function customLaunchWebAuthFlow(options, callback) {
         var requestId = Math.random().toString(36).substring(2);
+        var redirectUrl = options.redirectUrl;
         var authUrl = options.url + "&state=" + requestId;
         chrome.tabs.create({ url: authUrl }, function (tab) {
             var intervalId = setInterval(function () {
@@ -84,7 +85,7 @@ const OIDCClientDetails = (data) => {
                             let url = tabs[0].url;
                             const urlParams = new URLSearchParams(new URL(url).search)
                             const code = urlParams.get('code')
-                            if (code != null) {
+                            if (code != null && areUrlsEqual(url, redirectUrl)) {
                                 callback(url, undefined);
                                 chrome.tabs.remove(tab.id);
                                 setLoading(false);
@@ -97,9 +98,24 @@ const OIDCClientDetails = (data) => {
         });
     }
 
+    function areUrlsEqual(url1, url2) {
+        // Create URL objects for comparison
+
+        const parsedUrl1 = new URL(url1);
+        const parsedUrl2 = new URL(url2);
+
+        // Compare individual components
+        return (
+            parsedUrl1.protocol === parsedUrl2.protocol &&
+            parsedUrl1.host === parsedUrl2.host &&
+            parsedUrl1.pathname === parsedUrl2.pathname &&
+            parsedUrl1.port === parsedUrl2.port
+        );
+    }
+
     async function triggerCodeFlowButton() {
         setLoading(true);
-        const redirectUrl = data.data.op_host;
+        const redirectUrl = data.data.redirect_uri[0];
         const { secret, hashed } = await generateRandomChallengePair();
         chrome.storage.local.get(["oidcClient"]).then(async (result) => {
             if (!!result.oidcClient) {
@@ -136,7 +152,8 @@ const OIDCClientDetails = (data) => {
 
                 const resultUrl: string = await new Promise((resolve, reject) => {
                     customLaunchWebAuthFlow({
-                        url: authzUrl
+                        url: authzUrl,
+                        redirectUrl: redirectUrl
                     }, (callbackUrl, error) => {
                         if (!!error) {
                             console.error('Error in executing auth url: ', error)