Allow to use URI reference (path) in $oauth_redirect_uri

jirutka · Dec 2, 2015 · b83a1a5 · b83a1a5
1 parent 4bbcb78
commit b83a1a5
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 16 deletions.
diff --git a/README.adoc b/README.adoc
@@ -65,14 +65,10 @@ $oauth_oaas_uri::
   Base URI of the OAuth 2.0 authorization server.
   This variable is *required*, unless you set `$oauth_authorization_url`, `$oauth_token_url` and `$oauth_userinfo_url`.
 
-$oauth_redirect_location::
-  TODO
-
 $oauth_redirect_uri::
-  The _client’s_ {rfc6749}#section-3.1.2[redirection endpoint] previously registered on the authorization server.
-  It must be an absolute URI that is accessible from the authorization server and routed to this module.
-  You don’t need to change this variable, unless your nginx instance is behind some other HTTP proxy.
-  The default value is `${scheme}://${server_name}${oauth_redirect_location}`, where variables {ngx-http-core-doc}#var_scheme[`$scheme`] and {ngx-http-core-doc}#var_server_name[`$server_name`] are set by nginx.
+  URL of the _client’s_ {rfc6749}#section-3.1.2[redirection endpoint] previously registered on the authorization server.
+  It may be full (absolute) URL, or just a path (starting with `/`) relative to {ngx-http-core-doc}#var_scheme[`$scheme`]`://`{ngx-http-core-doc}#var_server_name[`$server_name`].
+  The default value is `/_oauth/callback`.
 
 $oauth_scope::
   A space delimited set of OAuth scopes that should be requested.

diff --git a/spec/ngx-oauth/config_spec.moon b/spec/ngx-oauth/config_spec.moon
@@ -22,7 +22,6 @@ describe 'load', ->
       scope: 'read'
       redirect_uri: 'https://example.cz/oauth/callback'
       oaas_uri: 'not-used'
-      redirect_location: '/callback'
       success_uri: '/app/home'
       cookie_path: '/app'
       cookie_prefix: 'oa_'
@@ -45,7 +44,6 @@ describe 'load', ->
       scope: ''
       oaas_uri: ''
       redirect_uri: 'https://example.org/_oauth/callback'
-      redirect_location: '/_oauth/callback'
       success_uri: '/'
       cookie_path: '/'
       cookie_prefix: 'oauth_'
@@ -63,12 +61,12 @@ describe 'load', ->
       assert.is_falsy errs
 
 
-  context 'when ngx.var.oauth_redirect_uri is not set', ->
+  context 'when ngx.var.oauth_redirect_uri starts with "/"', ->
     before_each ->
       _G.ngx.var =
-        scheme: 'http', server_name: 'example.cz', oauth_redirect_location: '/callme'
+        scheme: 'http', server_name: 'example.cz', oauth_redirect_uri: '/callme'
 
-    it 'sets redirect_uri built from vars scheme, server_name and oauth_redirect_location', ->
+    it 'prepends oauth_redirect_uri with ${scheme}://${server_name}', ->
       actual = config.load()
       assert.same 'http://example.cz/callme', actual.redirect_uri
 

diff --git a/src/ngx-oauth/config.lua b/src/ngx-oauth/config.lua
@@ -13,12 +13,11 @@ local DEFAULTS = {
   client_id         = '',
   client_secret     = '',
   scope             = '',
-  redirect_uri      = '',
+  redirect_uri      = '/_oauth/callback',
   oaas_uri          = '',  -- used only as a shorthand for setting these 3 below
   authorization_url = '${oaas_uri}/authorize',
   token_url         = '${oaas_uri}/token',
   userinfo_url      = "${oaas_uri}/userinfo",
-  redirect_location = '/_oauth/callback',
   success_uri       = '/',
   cookie_path       = '/',
   cookie_prefix     = 'oauth_',
@@ -73,8 +72,8 @@ local M = {}
 function M.load ()
   local conf = load_from_ngx()
 
-  if is_empty(conf.redirect_uri) then
-    conf.redirect_uri = ngx.var.scheme..'://'..ngx.var.server_name..conf.redirect_location
+  if starts_with('/', conf.redirect_uri) then
+    conf.redirect_uri = ngx.var.scheme..'://'..ngx.var.server_name..conf.redirect_uri
   end
 
   if not is_empty(conf.oaas_uri) then