From 1d4b957ebf8ecc3aea67f65d44cae3552052a671 Mon Sep 17 00:00:00 2001 From: Findeton Date: Tue, 16 Apr 2024 14:07:42 -0500 Subject: [PATCH] wip --- avRegistration/login-directive/login-directive.js | 2 +- dist/appCommon-v10.3.0.js | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/avRegistration/login-directive/login-directive.js b/avRegistration/login-directive/login-directive.js index 70471c86..06a2a51e 100644 --- a/avRegistration/login-directive/login-directive.js +++ b/avRegistration/login-directive/login-directive.js @@ -272,7 +272,7 @@ angular.module('avRegistration') // validate csrf token format and data var csrf = scope.csrf = angular.fromJson($cookies.get(OIDC_CSRF_COOKIE)); - var uri = "?" + $window.location.hash.substr(1); + var uri = $window.location.search; // NOTE: if you need to debug this callback, obtain the callback // URL, get the callback received in the server (to obtain the diff --git a/dist/appCommon-v10.3.0.js b/dist/appCommon-v10.3.0.js index f5d501f9..da3633ba 100644 --- a/dist/appCommon-v10.3.0.js +++ b/dist/appCommon-v10.3.0.js @@ -513,7 +513,7 @@ angular.module("avRegistration").config(function() {}), angular.module("avRegist if (!function() { if (!$cookies.get("OIDC_CSRF")) return setOIDCErrorCookie("unexpectedOIDCRedirect"), void redirectToLogin(); - var csrf = scope.csrf = angular.fromJson($cookies.get("OIDC_CSRF")), uri = "?" + $window.location.hash.substr(1); + var csrf = scope.csrf = angular.fromJson($cookies.get("OIDC_CSRF")), uri = $window.location.search; return $cookies.remove("OIDC_CSRF"), !!csrf && angular.isObject(csrf) && angular.isString(csrf.randomState) && angular.isString(csrf.randomNonce) && angular.isString(csrf.providerId) && angular.isNumber(csrf.created) && angular.isDefined(csrf.altAuthMethodId) && getURIParameter("state", uri) === csrf.randomState && csrf.created - Date.now() < ConfigService.authTokenExpirationSeconds ? 1 : (setOIDCErrorCookie("invalidCsrf"), void redirectToLogin()); }()) return;