From 1a5724cfc15af20aa23002aeb61e6f3c04bed00a Mon Sep 17 00:00:00 2001
From: Vladimir Chernitsyn
Date: Mon, 16 Dec 2024 13:02:55 +0100
Subject: [PATCH] feat(OAuth): add custom redirect base url from config
---
 packages/ui/src/@types/core.d.ts | 4 ++++
 packages/ui/src/server/components/oauth.ts | 19 +++++++++++++------
 2 files changed, 17 insertions(+), 6 deletions(-)
diff --git a/packages/ui/src/@types/core.d.ts b/packages/ui/src/@types/core.d.ts
index edbfb19a7..8ddf665d3 100644
--- a/packages/ui/src/@types/core.d.ts
+++ b/packages/ui/src/@types/core.d.ts
@@ -110,6 +110,10 @@ export interface YTCoreConfig {
 * Label on the Login via OpenID button
 */
 buttonLabel?: string;
+ /**
+ * Represents the base path to which redirects should be applied
+ */
+ redirectBaseURL?: string;
 };
 /**
 * Modifies headers of /api/yt/login request:
diff --git a/packages/ui/src/server/components/oauth.ts b/packages/ui/src/server/components/oauth.ts
index 7ea25c7b6..4aeedf996 100644
--- a/packages/ui/src/server/components/oauth.ts
+++ b/packages/ui/src/server/components/oauth.ts
@@ -2,6 +2,13 @@ import axios from 'axios';
 import type {Request, Response} from 'express';
 import {YT_OAUTH_ACCESS_TOKEN_NAME, YT_OAUTH_REFRESH_TOKEN_NAME} from '../../shared/constants';
+function getRedirectBaseURL(req: Request) {
+ const config = getOAuthSettings(req);
+ const host = req.get('host');
+
+ return config.redirectBaseURL ?? `https://${host}`;
+}
+
 export function isOAuthAllowed(req: Request) {
 const config = req.ctx.config.ytOAuthSettings;
 return Boolean(
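Review bot: The doc comment on `redirectBaseURL` in core.d.ts calls it a "base path", but oauth.ts uses it as an absolute URL prefix in front of `/api/oauth/callback` and `/api/oauth/logout/callback`. The comment should state the expected shape and the default, for example `Absolute base URL (scheme and host, no trailing slash) used to build redirect_uri and post_logout_redirect_uri; defaults to https://<request Host header>`. It is also worth noting there that the resulting URLs normally have to match the redirect URIs registered with the OAuth provider, since that is what an operator needs to know when setting it.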
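Review bot: `getRedirectBaseURL` uses the configured `redirectBaseURL` verbatim, and its fallback builds the redirect base from the request's Host header. Because the check is `??`, an empty string is accepted and yields a relative `redirect_uri`, and a value ending in `/` yields `//api/oauth/callback`, which will most likely not match the URI registered with the provider. The fallback `https://${host}` depends on a client-supplied header unless a fronting proxy pins it (not visible in this hunk), so the helper should say that setting `redirectBaseURL` is the way to fix the redirect origin. The helper also has no return type, and `host` is read even when the config value is used. A version that normalizes the config value and treats an empty string as unset:

```typescript
function getRedirectBaseURL(req: Request): string {
    const {redirectBaseURL} = getOAuthSettings(req);
    if (redirectBaseURL) {
        // Trailing slashes would produce `//api/oauth/callback`, which will not
        // match the redirect URI registered with the provider.
        return redirectBaseURL.replace(/\/+$/, '');
    }
    // No pinned base URL: the value below is taken from the request's Host header.
    return `https://${req.get('host')}`;
}
```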
@@ -74,12 +81,12 @@ export function saveOAuthTokensInCookies(res: Response, tokens: OAuthAuthorizati
 export function getOAuthLoginPath(req: Request) {
 const config = getOAuthSettings(req);
- const host = req.get('host');
+ const baseURL = getRedirectBaseURL(req);
 const params = new URLSearchParams({
 response_type: 'code',
 client_id: config.clientId,
 scope: config.scope,
- redirect_uri: `https://${host}/api/oauth/callback`,
+ redirect_uri: `${baseURL}/api/oauth/callback`,
 });
 const url = new URL(config.authPath, config.baseURL);
@@ -95,9 +102,9 @@ export function getOAuthLogoutPath(req: Request) {
 return '/api/oauth/logout/callback';
 }
- const host = req.get('host');
+ const baseURL = getRedirectBaseURL(req);
 const params = new URLSearchParams({
- post_logout_redirect_uri: `https://${host}/api/oauth/logout/callback`,
+ post_logout_redirect_uri: `${baseURL}/api/oauth/logout/callback`,
 client_id: config.clientId,
 });
@@ -135,13 +142,13 @@ export async function exchangeOAuthToken(
 code: string,
 ): Promise {
 const config = getOAuthSettings(req);
- const host = req.get('host');
+ const baseURL = getRedirectBaseURL(req);
 const params = new URLSearchParams({
 grant_type: 'authorization_code',
 client_id: config.clientId,
 code: code as string,
 client_secret: config.clientSecret,
- redirect_uri: `https://${host}/api/oauth/callback`,
+ redirect_uri: `${baseURL}/api/oauth/callback`,
 });
 const {data} = await axios.post(
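Review bot: The `redirect_uri` template `${baseURL}/api/oauth/callback` is written out twice, once in `getOAuthLoginPath` and once in the `exchangeOAuthToken` hunk. The token endpoint requires the same `redirect_uri` that was sent in the authorization request (RFC 6749 section 4.1.3), so the two copies must never drift apart. Building it in one place removes that risk, for example `const getOAuthCallbackURL = (req: Request): string => `${getRedirectBaseURL(req)}/api/oauth/callback`;`, called from both functions. When `redirectBaseURL` is unset the two values still come from two separate requests' Host headers, which is one more reason to document setting it. All three functions continue outside their hunks.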