diff --git a/packages/app/components/auth/actions.ts b/packages/app/components/auth/actions.ts
index ed870ce..12a85ee 100644
--- a/packages/app/components/auth/actions.ts
+++ b/packages/app/components/auth/actions.ts
@@ -391,7 +391,7 @@ export function oAuthComplete(params: { accept?: boolean } = {}) {
 } else if (resp.redirectUri.startsWith('static_page')) {
 const displayCode = resp.redirectUri.includes('static_page_with_code');
- const [, code] = resp.redirectUri.match(/code=(.+)&/) || [];
+ const [, code] = resp.redirectUri.match(/code=([^&]+)/) || [];
 [, resp.redirectUri] = resp.redirectUri.match(/^(.+)\?/) || [];
 dispatch(
diff --git a/packages/app/services/api/oauth.ts b/packages/app/services/api/oauth.ts
index 634b110..8686ffb 100644
--- a/packages/app/services/api/oauth.ts
+++ b/packages/app/services/api/oauth.ts
@@ -69,16 +69,17 @@ const api = {
 success: boolean;
 redirectUri?: string;
 }> {
- const query = request.buildQuery(oauthData);
+ const data: Record = {};
+
+ if (typeof params.accept !== 'undefined') {
+ data.accept = params.accept;
+ }
 return request
 .post<{
 success: boolean;
 redirectUri: string;
- }>(
- `/api/oauth2/v1/complete?${query}`,
- typeof params.accept === 'undefined' ? {} : { accept: params.accept },
- )
+ }>(`/api/oauth2/v1/complete?${request.buildQuery(oauthData)}`, data)
 .catch((resp = {}) => {
 if (resp.statusCode === 401 && resp.error === 'access_denied') {
 // user declined permissions
diff --git a/tests-e2e/cypress/integration/auth/oauth.test.ts b/tests-e2e/cypress/integration/auth/oauth.test.ts
index df5061a..fbae030 100644
--- a/tests-e2e/cypress/integration/auth/oauth.test.ts
+++ b/tests-e2e/cypress/integration/auth/oauth.test.ts
@@ -1,4 +1,5 @@
 import { account1 } from '../../fixtures/accounts.json';
+import { OAuthState } from 'app/components/auth/reducer';
 import { UserResponse } from 'app/services/api/accounts';
 const defaults = {
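Review bot: The new pattern `/code=([^&]+)/` is not anchored to a parameter boundary, so it would also capture the value of any query parameter whose name merely ends in `code` if one ever precedes the real `code` parameter in `resp.redirectUri`; anchoring it fixes that in place, `const [, code] = resp.redirectUri.match(/[?&]code=([^&]+)/) || [];`. The captured value is also the raw query fragment, so if the server ever percent-encodes the code the displayed value will still be encoded — presumably harmless for an opaque code, but worth a `// raw (undecoded) query value` comment next to the line. The enclosing `oAuthComplete` starts and ends outside this hunk.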
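Review bot: In the oauth.ts hunk, `const data: Record = {};` has no type arguments — `Record` requires two, so as shown this does not compile; the generic arguments were probably lost when the diff was rendered, but if the original reads `Record<string, any>` it also discards the checking the previous inline object literal had. A precise annotation keeps `data.accept` type-checked against the request body, `const data: { accept?: boolean } = {};`. The surrounding method (`const api = { … complete … }`) starts before this hunk and its `.catch` handler continues after it.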
@@ -23,14 +24,14 @@ describe('OAuth', () => {
 JSON.stringify({
 timestamp: Date.now() - 3600,
 payload: {
- clientId: 'ely',
- redirectUrl: 'https://dev.ely.by/authorization/oauth',
- responseType: 'code',
- description: null,
- scope: 'account_info account_email',
- loginHint: null,
- state: null,
- },
+ params: {
+ clientId: 'ely',
+ redirectUrl: 'https://dev.ely.by/authorization/oauth',
+ responseType: 'code',
+ state: '',
+ scope: 'account_info account_email',
+ },
+ } as OAuthState,
 }),
 );
 cy.login({ accounts: ['default'] });
@@ -81,6 +82,7 @@ describe('OAuth', () => {
 ...defaults,
 client_id: 'tlauncher',
 redirect_uri: 'http://localhost:8080',
+ state: '123',
 })}`,
 );
@@ -92,7 +94,7 @@ describe('OAuth', () => {
 cy.findByTestId('auth-controls').contains('Approve').click();
- cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+&state=$/);
+ cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+&state=123$/);
 });
 it('should redirect to error page, when permission request declined', () => {
@@ -334,7 +336,7 @@ describe('OAuth', () => {
 cy.findByTestId('auth-controls').contains('Approve').click();
- cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+&state=$/);
+ cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+$/);
 });
 it('should redirect to error page, when permission request declined', () => {
@@ -377,7 +379,7 @@ describe('OAuth', () => {
 cy.findByTestId('auth-controls').contains('Approve').click();
- cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+&state=$/);
+ cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+$/);
 });
 });
@@ -403,7 +405,7 @@ describe('OAuth', () => {
 cy.findByTestId('auth-controls').contains('Approve').click();
- cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+&state=$/);
+ cy.url().should('match', /^http:\/\/localhost:8080\/?\?code=[^&]+$/);
 });
 });
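Review bot: The fixture in the first hunk is cast with `} as OAuthState,`, and a type assertion silences missing or misnamed fields, which is exactly what this fixture is meant to guard against now that the stored shape moved under `params`. Checking the literal without widening keeps the fixture honest, `} satisfies OAuthState,` (TS 4.9+; if the project's compiler is older, build the object as `const stored: OAuthState = { … }` and stringify that). The `JSON.stringify` call sits inside a statement that begins outside this hunk.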