moon
/
ditto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix login with Elk

This commit is contained in:
Alex Gleason 2023-05-12 16:17:02 -05:00
parent cfa7498feb
commit 45807e29de
No known key found for this signature in database
GPG Key ID: 7211D1F99744FBB7
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
src/controllers/api/oauth.ts
View File

@ -46,7 +46,7 @@ const oauthController: AppController = (c) => {
return c.text('Missing `redirect_uri` query param.', 422);
}
const redirectUri = decodeURIComponent(encodedUri);
const redirectUri = maybeDecodeUri(encodedUri);
c.res.headers.set(
'content-security-policy',
@ -81,6 +81,19 @@ const oauthController: AppController = (c) => {
`);
};
/**
* If it's already a valid URL, keep it as-is. Otherwise decode it from a URI component.
* This fixes compatibilty with Elk: https://github.com/elk-zone/elk/issues/2089#issuecomment-1546289725
*/
function maybeDecodeUri(uri: string): string {
try {
new URL(uri);
return uri;
} catch (_e) {
return decodeURIComponent(uri);
}
}
const oauthAuthorizeSchema = z.object({
pubkey: z.string().regex(/^[0-9a-f]{64}$/).optional().catch(undefined),
nip19: z.string().regex(new RegExp(`^${nip21.BECH32_REGEX.source}$`)).optional().catch(undefined),