feat(OAuth): add 'iss' parameter to OAuth exchange methods for improved provider handling
Torsten Schulz (local)
2026-05-15 14:58:38 +02:00
parent 52f2d52916
commit e179dc714b
4 changed files with 25 additions and 10 deletions


@@ -72,9 +72,9 @@ class AuthController {
}
async oauthExchange(req, res) {
const { code, state } = req.body;
const { code, state, iss } = req.body;
try {
const result = await oauthService.exchangeOAuthLogin({ code, state });
const result = await oauthService.exchangeOAuthLogin({ code, state, iss });
res.status(200).json(result);
} catch (error) {
const knownErrors = new Set([
@@ -128,7 +128,7 @@ class AuthController {
async oauthUserExchange(req, res) {
const hashedUserId = req.headers.userid || req.query.userid;
const { code, state } = req.body;
const { code, state, iss } = req.body;
try {
const User = (await import('../models/community/user.js')).default;
const user = await User.findOne({ where: { hashedId: hashedUserId } });
@@ -139,7 +139,8 @@ class AuthController {
const result = await oauthService.exchangeOAuthLoginForUser({
userId: user.id,
code,
state
state,
iss
});
res.status(200).json(result);
} catch (error) {
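Review bot: `iss` is destructured from `req.body` in both `oauthExchange` and `oauthUserExchange` and passed to the service without a type check, so a JSON body can supply an array or an object in its place. The service only tests `if (iss)`, and `searchParams.set` stringifies whatever it receives, so a coerced value rather than the original one reaches the grant call. I would reject non-string values before the `try`, for example `if (iss !== undefined && typeof iss !== 'string') { return res.status(400).end(); }`, with the response shape adapted to what these handlers already return for bad input. Both handler bodies continue outside the visible hunks, so validation further up the stack cannot be ruled out from here.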


@@ -361,7 +361,7 @@ export const startOAuthLogin = async ({ providerSlug }) => {
});
};
export const exchangeOAuthLogin = async ({ code, state }) => {
export const exchangeOAuthLogin = async ({ code, state, iss }) => {
if (!code || !state) {
throw new Error('oauthcodemissing');
}
@@ -380,6 +380,9 @@ export const exchangeOAuthLogin = async ({ code, state }) => {
const callbackUrl = new URL(stateData.redirectUri);
callbackUrl.searchParams.set('code', code);
callbackUrl.searchParams.set('state', state);
if (iss) {
callbackUrl.searchParams.set('iss', iss);
}
const tokens = await oidc.authorizationCodeGrant(configuration, callbackUrl, {
pkceCodeVerifier: stateData.codeVerifier,
@@ -494,7 +497,7 @@ export const startOAuthLoginForUser = async ({ userId, providerSlug }) => {
});
};
export const exchangeOAuthLoginForUser = async ({ userId, code, state }) => {
export const exchangeOAuthLoginForUser = async ({ userId, code, state, iss }) => {
if (!code || !state) {
throw new Error('oauthcodemissing');
}
@@ -517,6 +520,9 @@ export const exchangeOAuthLoginForUser = async ({ userId, code, state }) => {
const callbackUrl = new URL(stateData.redirectUri);
callbackUrl.searchParams.set('code', code);
callbackUrl.searchParams.set('state', state);
if (iss) {
callbackUrl.searchParams.set('iss', iss);
}
const tokens = await oidc.authorizationCodeGrant(configuration, callbackUrl, {
pkceCodeVerifier: stateData.codeVerifier,
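Review bot: The `if (iss)` guard silently skips a missing issuer in both `exchangeOAuthLogin` and `exchangeOAuthLoginForUser`. Whether an absent `iss` is rejected therefore depends entirely on `oidc.authorizationCodeGrant` (presumably openid-client) and the provider metadata in `configuration`, and nothing in the code says so. I would add a comment above the guard such as `// RFC 9207: relay the authorization-response issuer so the grant call can compare it with the configured issuer; the value is client-supplied and must never be used to choose the provider.` The three-line block is now duplicated in both functions next to the identical `code`/`state` lines, so a shared helper along the lines of `buildCallbackUrl(stateData, { code, state, iss })` would keep the two flows from drifting apart. Both function bodies continue outside the hunks.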