fix(server):give higher preference to redirect_uri

While using forgot_password redirect URI was ignored if not present

Resolves #275
Lakhan Samani 2022-10-24 11:15:36 +05:30
parent 6e09307c22
commit e690066652
2 changed files with 18 additions and 13 deletions


@ -62,12 +62,12 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
log.Debug("Failed to generate nonce: ", err) log.Debug("Failed to generate nonce: ", err)
return res, err return res, err
} }
redirectURL := parsers.GetAppURL(gc) redirectURI := parsers.GetAppURL(gc)
if strings.TrimSpace(refs.StringValue(params.RedirectURI)) != "" { if strings.TrimSpace(refs.StringValue(params.RedirectURI)) != "" {
redirectURL = refs.StringValue(params.RedirectURI) redirectURI = refs.StringValue(params.RedirectURI)
} }
verificationToken, err := token.CreateVerificationToken(params.Email, constants.VerificationTypeForgotPassword, hostname, nonceHash, redirectURL) verificationToken, err := token.CreateVerificationToken(params.Email, constants.VerificationTypeForgotPassword, hostname, nonceHash, redirectURI)
if err != nil { if err != nil {
log.Debug("Failed to create verification token", err) log.Debug("Failed to create verification token", err)
return res, err return res, err
@ -78,7 +78,7 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
ExpiresAt: time.Now().Add(time.Minute * 30).Unix(), ExpiresAt: time.Now().Add(time.Minute * 30).Unix(),
Email: params.Email, Email: params.Email,
Nonce: nonceHash, Nonce: nonceHash,
RedirectURI: redirectURL, RedirectURI: redirectURI,
}) })
if err != nil { if err != nil {
log.Debug("Failed to add verification request", err) log.Debug("Failed to add verification request", err)
@ -89,7 +89,7 @@ func ForgotPasswordResolver(ctx context.Context, params model.ForgotPasswordInpu
go email.SendEmail([]string{params.Email}, constants.VerificationTypeForgotPassword, map[string]interface{}{ go email.SendEmail([]string{params.Email}, constants.VerificationTypeForgotPassword, map[string]interface{}{
"user": user.ToMap(), "user": user.ToMap(),
"organization": utils.GetOrganization(), "organization": utils.GetOrganization(),
"verification_url": utils.GetForgotPasswordURL(verificationToken, hostname), "verification_url": utils.GetForgotPasswordURL(verificationToken, hostname, redirectURI),
}) })
res = &model.Response{ res = &model.Response{
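Review bot: `redirectURI` comes from `params.RedirectURI` with only an emptiness check visible in these hunks, and the last hunk now makes it the base of the `verification_url` that is mailed together with the reset token. If nothing outside the hunks restricts it, whoever submits the forgot-password request decides which host receives the token. Before using the value, compare it with the configured allowed origins and fall back to `parsers.GetAppURL(gc)` (or reject the request) when it does not match. A comment such as `// redirectURI is caller-supplied; it must be an allowed origin before it is embedded in the reset link` would document the requirement. ForgotPasswordResolver starts and ends outside these hunks, so an earlier check may already exist.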


@ -81,17 +81,22 @@ func GetOrganization() map[string]interface{} {
} }
// GetForgotPasswordURL to get url for given token and hostname // GetForgotPasswordURL to get url for given token and hostname
func GetForgotPasswordURL(token, hostname string) string { func GetForgotPasswordURL(token, hostname, redirectURI string) string {
resetPasswordUrl, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL) resetPasswordURL := redirectURI
if resetPasswordURL == "" {
resetPasswordURL, err := memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)
if err != nil { if err != nil {
return "" return ""
} }
if resetPasswordUrl == "" { if resetPasswordURL == "" {
if err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password"); err != nil { if err := memorystore.Provider.UpdateEnvVariable(constants.EnvKeyResetPasswordURL, hostname+"/app/reset-password"); err != nil {
return "" return ""
} }
} }
verificationURL := resetPasswordUrl + "?token=" + token }
verificationURL := resetPasswordURL + "?token=" + token
return verificationURL return verificationURL
} }
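Review bot: Inside the `if resetPasswordURL == ""` branch, as the new side reads here, `resetPasswordURL, err := ...` declares a new variable that shadows the outer one, so an empty `redirectURI` makes the function return just `?token=...`. Declare `var err error`, assign with `resetPasswordURL, err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyResetPasswordURL)`, and after the `UpdateEnvVariable` call set `resetPasswordURL = hostname + "/app/reset-password"` so the default is actually used. Appending `"?token="` by concatenation also gives a malformed link when the redirect URI already has a query string; building the link with `net/url` avoids that. The doc comment should mention the new `redirectURI` parameter and that it takes precedence over the configured reset URL.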