[NEW] Accept multiple redirect URIs on OAuth Apps (#14935)

RocketChat · Jul 21, 2019 · ac7ac5b · ac7ac5b
1 parent 4446fb0
commit ac7ac5b
Show file tree

Hide file tree

Showing 7 changed files with 41 additions and 4 deletions.
diff --git a/.meteor/versions b/.meteor/versions
@@ -129,7 +129,7 @@ rocketchat:i18n@0.0.1
 rocketchat:livechat@0.0.1
 rocketchat:mongo-config@0.0.1
 rocketchat:monitoring@2.30.2_3
-rocketchat:oauth2-server@2.0.0
+rocketchat:oauth2-server@2.1.0
 rocketchat:push@3.3.1
 rocketchat:streamer@1.0.2
 rocketchat:version@1.0.0

diff --git a/app/oauth2-server-config/client/admin/views/oauthApp.html b/app/oauth2-server-config/client/admin/views/oauthApp.html
@@ -22,7 +22,7 @@
 						<div class="input-line double-col">
 							<label>{{_ "Redirect_URI"}}</label>
 							<div>
-								<input type="text" class="rc-input__element" name="redirectUri" value="{{data.redirectUri}}" />
+								<textarea class="rc-input__element" name="redirectUri" rows="4" style="height: auto">{{data.redirectUri}}</textarea>
 								<div class="settings-description secondary-font-color">{{_ "After_OAuth2_authentication_users_will_be_redirected_to_this_URL"}}</div>
 							</div>
 						</div>

diff --git a/app/oauth2-server-config/client/admin/views/oauthApp.js b/app/oauth2-server-config/client/admin/views/oauthApp.js
@@ -31,6 +31,10 @@ Template.oauthApp.helpers({
 				if (data) {
 					data.authorization_url = Meteor.absoluteUrl('oauth/authorize');
 					data.access_token_url = Meteor.absoluteUrl('oauth/token');
+					if (Array.isArray(data.redirectUri)) {
+						data.redirectUri = data.redirectUri.join('\n');
+					}
+
 					Template.instance().record.set(data);
 					return data;
 				}

diff --git a/app/oauth2-server-config/server/admin/functions/parseUriList.js b/app/oauth2-server-config/server/admin/functions/parseUriList.js
@@ -0,0 +1,17 @@
+export const parseUriList = (userUri) => {
+	if (userUri.indexOf('\n') < 0 && userUri.indexOf(',') < 0) {
+		return userUri;
+	}
+
+	const uriList = [];
+	userUri.split(/[,\n]/).forEach((item) => {
+		const uri = item.trim();
+		if (uri === '') {
+			return;
+		}
+
+		uriList.push(uri);
+	});
+
+	return uriList;
+};
diff --git a/app/oauth2-server-config/server/admin/methods/addOAuthApp.js b/app/oauth2-server-config/server/admin/methods/addOAuthApp.js
@@ -4,6 +4,7 @@ import _ from 'underscore';
 
 import { hasPermission } from '../../../../authorization';
 import { Users, OAuthApps } from '../../../../models';
+import { parseUriList } from '../functions/parseUriList';
 
 Meteor.methods({
 	addOAuthApp(application) {
@@ -19,6 +20,13 @@ Meteor.methods({
 		if (!_.isBoolean(application.active)) {
 			throw new Meteor.Error('error-invalid-arguments', 'Invalid arguments', { method: 'addOAuthApp' });
 		}
+
+		application.redirectUri = parseUriList(application.redirectUri);
+
+		if (application.redirectUri.length === 0) {
+			throw new Meteor.Error('error-invalid-redirectUri', 'Invalid redirectUri', { method: 'addOAuthApp' });
+		}
+
 		application.clientId = Random.id();
 		application.clientSecret = Random.secret();
 		application._createdAt = new Date();

diff --git a/app/oauth2-server-config/server/admin/methods/updateOAuthApp.js b/app/oauth2-server-config/server/admin/methods/updateOAuthApp.js
@@ -3,6 +3,7 @@ import _ from 'underscore';
 
 import { hasPermission } from '../../../../authorization';
 import { OAuthApps, Users } from '../../../../models';
+import { parseUriList } from '../functions/parseUriList';
 
 Meteor.methods({
 	updateOAuthApp(applicationId, application) {
@@ -22,11 +23,18 @@ Meteor.methods({
 		if (currentApplication == null) {
 			throw new Meteor.Error('error-application-not-found', 'Application not found', { method: 'updateOAuthApp' });
 		}
+
+		const redirectUri = parseUriList(application.redirectUri);
+
+		if (redirectUri.length === 0) {
+			throw new Meteor.Error('error-invalid-redirectUri', 'Invalid redirectUri', { method: 'updateOAuthApp' });
+		}
+
 		OAuthApps.update(applicationId, {
 			$set: {
 				name: application.name,
 				active: application.active,
-				redirectUri: application.redirectUri,
+				redirectUri,
 				_updatedAt: new Date(),
 				_updatedBy: Users.findOne(this.userId, {
 					fields: {

diff --git a/packages/rocketchat-i18n/i18n/en.i18n.json b/packages/rocketchat-i18n/i18n/en.i18n.json
@@ -232,7 +232,7 @@
   "Administration": "Administration",
   "Adult_images_are_not_allowed": "Adult images are not allowed",
   "Advocacy": "Advocacy",
-  "After_OAuth2_authentication_users_will_be_redirected_to_this_URL": "After OAuth2 authentication, users will be redirected to this URL",
+  "After_OAuth2_authentication_users_will_be_redirected_to_this_URL": "After OAuth2 authentication, users will be redirected to an URL on this list. You can add one URL per line.",
   "Agent": "Agent",
   "Agent_added": "Agent added",
   "Agent_removed": "Agent removed",