feat: build openid redirect url dynamically #1144
No reviewers
Labels
No Label
area/internal-code
changes requested
confirmed
dependencies
duplicate
good first issue
help wanted
hosting
invalid
kind/bug
kind/feature
question
wontfix
No Milestone
No project
No Assignees
3 Participants
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: vikunja/frontend#1144
Loading…
Reference in New Issue
No description provided.
Delete Branch "feat/openid-redirect"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Maybe resolves vikunja/desktop#70 but I'm not sure if it's a good idea.
This uses the current host as a redirect url instead of the one configured in the api.
Hi konrad!
Thank you for creating a PR!
I've deployed the changes of this PR on a preview environment under this URL: https://1144-featopenid-redirect--vikunja-frontend-preview.netlify.app
You can use this url to view the changes live and test them out.
You will need to manually connect this to an api running somehwere. The easiest to use is https://try.vikunja.io/.
Have a nice day!
@ -222,1 +223,3 @@
redirectToProvider(provider, this.openidConnect.redirectUrl)
const {host, protocol} = parseURL(window.location.href)
const redirectUrl = `${protocol}//${host}/auth/openid/`
redirectToProvider(provider, redirectUrl)
Just to get this right:
By doing this we would ignore the
redirectUrl
defined inthis.openidConnect
completely?And if so:
Shouldn't
redirectToProviderIfNothingElseIsEnabled
be changed accordingly and the prop deleted from the store, etc.?Yes and yes. I'm not quite sure about the security implications of this yet, but since the openid provider is usually responsable for allowing only some redirect urls it should be fine.
So you mean you would simply keep it like this?
At least for now yes.
I think I still don't get why we don't change it everywhere.
How about we add a comment to explain this?
I think that's a good idea, changed it everywhere and added a comment.
@ -219,7 +220,7 @@ export default {
},
redirectToProvider(provider) {
replace with
(no need to define params)
Done!
Fine to merge after this mini fix
@dpschen Should be fine now, feel free to merge once the CI passes.