feat(OAuth): add custom redirect base url from config

ytsaurus · Dec 16, 2024 · 1a5724c · 1a5724c
1 parent 565b205
commit 1a5724c
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 6 deletions.
diff --git a/packages/ui/src/@types/core.d.ts b/packages/ui/src/@types/core.d.ts
@@ -110,6 +110,10 @@ export interface YTCoreConfig {
          *  Label on the Login via OpenID button
          */
         buttonLabel?: string;
+        /**
+         * Represents the base path to which redirects should be applied
+         */
+        redirectBaseURL?: string;
     };
     /**
      * Modifies headers of /api/yt/login request:

diff --git a/packages/ui/src/server/components/oauth.ts b/packages/ui/src/server/components/oauth.ts
@@ -2,6 +2,13 @@ import axios from 'axios';
 import type {Request, Response} from 'express';
 import {YT_OAUTH_ACCESS_TOKEN_NAME, YT_OAUTH_REFRESH_TOKEN_NAME} from '../../shared/constants';
 
+function getRedirectBaseURL(req: Request) {
+    const config = getOAuthSettings(req);
+    const host = req.get('host');
+
+    return config.redirectBaseURL ?? `https://${host}`;
+}
+
 export function isOAuthAllowed(req: Request) {
     const config = req.ctx.config.ytOAuthSettings;
     return Boolean(
@@ -74,12 +81,12 @@ export function saveOAuthTokensInCookies(res: Response, tokens: OAuthAuthorizati
 
 export function getOAuthLoginPath(req: Request) {
     const config = getOAuthSettings(req);
-    const host = req.get('host');
+    const baseURL = getRedirectBaseURL(req);
     const params = new URLSearchParams({
         response_type: 'code',
         client_id: config.clientId,
         scope: config.scope,
-        redirect_uri: `https://${host}/api/oauth/callback`,
+        redirect_uri: `${baseURL}/api/oauth/callback`,
     });
 
     const url = new URL(config.authPath, config.baseURL);
@@ -95,9 +102,9 @@ export function getOAuthLogoutPath(req: Request) {
         return '/api/oauth/logout/callback';
     }
 
-    const host = req.get('host');
+    const baseURL = getRedirectBaseURL(req);
     const params = new URLSearchParams({
-        post_logout_redirect_uri: `https://${host}/api/oauth/logout/callback`,
+        post_logout_redirect_uri: `${baseURL}/api/oauth/logout/callback`,
         client_id: config.clientId,
     });
 
@@ -135,13 +142,13 @@ export async function exchangeOAuthToken(
     code: string,
 ): Promise<OAuthAuthorizationTokens> {
     const config = getOAuthSettings(req);
-    const host = req.get('host');
+    const baseURL = getRedirectBaseURL(req);
     const params = new URLSearchParams({
         grant_type: 'authorization_code',
         client_id: config.clientId,
         code: code as string,
         client_secret: config.clientSecret,
-        redirect_uri: `https://${host}/api/oauth/callback`,
+        redirect_uri: `${baseURL}/api/oauth/callback`,
     });
 
     const {data} = await axios.post(