From bcd58d6e117b4654b3e0dca173f7f8aaca8dabdf Mon Sep 17 00:00:00 2001 From: Prachya Saechua Date: Tue, 20 Feb 2024 23:48:01 -0800 Subject: [PATCH] fix: gitlab pkce auth error (#7110) --- .../src/AuthenticationPage.js | 2 -- .../src/AuthenticationPage.js | 1 - .../src/AuthenticationPage.js | 20 +++++++++++++++---- packages/decap-cms-lib-auth/src/pkce-oauth.js | 5 ++--- 4 files changed, 18 insertions(+), 10 deletions(-) diff --git a/packages/decap-cms-backend-aws-cognito-github-proxy/src/AuthenticationPage.js b/packages/decap-cms-backend-aws-cognito-github-proxy/src/AuthenticationPage.js index 94ce2974fe6a..caba50d0fea4 100644 --- a/packages/decap-cms-backend-aws-cognito-github-proxy/src/AuthenticationPage.js +++ b/packages/decap-cms-backend-aws-cognito-github-proxy/src/AuthenticationPage.js @@ -24,14 +24,12 @@ export default class GenericPKCEAuthenticationPage extends React.Component { app_id = '', auth_endpoint = 'oauth2/authorize', auth_token_endpoint = 'oauth2/token', - redirect_uri = document.location.origin + document.location.pathname, } = this.props.config.backend; this.auth = new PkceAuthenticator({ base_url, auth_endpoint, app_id, auth_token_endpoint, - redirect_uri, auth_token_endpoint_content_type: 'application/x-www-form-urlencoded; charset=utf-8', }); // Complete authentication if we were redirected back to from the provider. diff --git a/packages/decap-cms-backend-gitea/src/AuthenticationPage.js b/packages/decap-cms-backend-gitea/src/AuthenticationPage.js index 2def4d2ac66f..15990df1bc36 100644 --- a/packages/decap-cms-backend-gitea/src/AuthenticationPage.js +++ b/packages/decap-cms-backend-gitea/src/AuthenticationPage.js @@ -26,7 +26,6 @@ export default class GiteaAuthenticationPage extends React.Component { app_id, auth_token_endpoint: 'login/oauth/access_token', auth_token_endpoint_content_type: 'application/json; charset=utf-8', - redirect_uri: document.location.origin + document.location.pathname, }); // Complete authentication if we were redirected back to from the provider. this.auth.completeAuth((err, data) => { diff --git a/packages/decap-cms-backend-gitlab/src/AuthenticationPage.js b/packages/decap-cms-backend-gitlab/src/AuthenticationPage.js index 6eb5cc61fb59..6576b19e3236 100644 --- a/packages/decap-cms-backend-gitlab/src/AuthenticationPage.js +++ b/packages/decap-cms-backend-gitlab/src/AuthenticationPage.js @@ -13,18 +13,30 @@ const LoginButtonIcon = styled(Icon)` `; const clientSideAuthenticators = { - pkce: ({ base_url, auth_endpoint, app_id, auth_token_endpoint }) => + pkce: ({ + base_url, + auth_endpoint, + app_id, + auth_token_endpoint}) => new PkceAuthenticator({ base_url, auth_endpoint, app_id, auth_token_endpoint, auth_token_endpoint_content_type: 'application/json; charset=utf-8', - redirect_uri: document.location.origin + document.location.pathname, }), - implicit: ({ base_url, auth_endpoint, app_id, clearHash }) => - new ImplicitAuthenticator({ base_url, auth_endpoint, app_id, clearHash }), + implicit: ({ + base_url, + auth_endpoint, + app_id, + clearHash }) => + new ImplicitAuthenticator({ + base_url, + auth_endpoint, + app_id, + clearHash, + }), }; export default class GitLabAuthenticationPage extends React.Component { diff --git a/packages/decap-cms-lib-auth/src/pkce-oauth.js b/packages/decap-cms-lib-auth/src/pkce-oauth.js index 803ce11aebc7..fa1c8a2888f7 100644 --- a/packages/decap-cms-lib-auth/src/pkce-oauth.js +++ b/packages/decap-cms-lib-auth/src/pkce-oauth.js @@ -54,7 +54,6 @@ export default class PkceAuthenticator { this.auth_url = `${baseURL}/${authEndpoint}`; this.auth_token_url = `${baseURL}/${authTokenEndpoint}`; this.auth_token_endpoint_content_type = config.auth_token_endpoint_content_type; - this.redirect_uri = trim(config.redirect_uri, '/'); this.appID = config.app_id; } @@ -65,7 +64,7 @@ export default class PkceAuthenticator { const authURL = new URL(this.auth_url); authURL.searchParams.set('client_id', this.appID); - authURL.searchParams.set('redirect_uri', this.redirect_uri); + authURL.searchParams.set('redirect_uri', document.location.origin + document.location.pathname); authURL.searchParams.set('response_type', 'code'); authURL.searchParams.set('scope', options.scope); @@ -118,7 +117,7 @@ export default class PkceAuthenticator { client_id: this.appID, code, grant_type: 'authorization_code', - redirect_uri: this.redirect_uri, + redirect_uri: document.location.origin + document.location.pathname, code_verifier: getCodeVerifier(), };