From 82b4056c41863f56572bd6703fe585848225904b Mon Sep 17 00:00:00 2001 From: Cory Hawkvelt Date: Tue, 7 Apr 2026 00:43:36 +0930 Subject: [PATCH] refactor(auth): use API base URL directly for OIDC endpoints Remove SECUIRD_OIDC constant that stripped /api/v1 from the base URL. OIDC endpoints are now served under the API path directly. --- src/pages/auth/LoginPage.tsx | 3 +-- src/pages/auth/OAuthCallbackPage.tsx | 3 +-- src/pages/auth/OIDCConsentPage.tsx | 5 ++--- src/pages/auth/OIDCLoginPage.tsx | 7 +++---- 4 files changed, 7 insertions(+), 11 deletions(-) diff --git a/src/pages/auth/LoginPage.tsx b/src/pages/auth/LoginPage.tsx index 5a98545..7def5f2 100644 --- a/src/pages/auth/LoginPage.tsx +++ b/src/pages/auth/LoginPage.tsx @@ -28,7 +28,6 @@ import { OAuthProvider } from "@/lib/oauth"; type LoginStep = 'credentials' | 'totp' | 'webauthn' | 'passkey-email' | 'mfa-enrollment' | 'mfa'; const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1'; -const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, ''); /** * Complete an OIDC authorization flow after the user has authenticated. @@ -36,7 +35,7 @@ const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, ''); * the auth code and returns the redirect URL for the calling application. */ async function completeOidcFlow(oidcSessionId: string, token: string): Promise { - const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { + const res = await fetch(`${SECUIRD_API}/oidc/complete`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ oidc_session_id: oidcSessionId, token }), diff --git a/src/pages/auth/OAuthCallbackPage.tsx b/src/pages/auth/OAuthCallbackPage.tsx index ef5c317..3f9acad 100644 --- a/src/pages/auth/OAuthCallbackPage.tsx +++ b/src/pages/auth/OAuthCallbackPage.tsx 
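Review bot: In the `@@ -36,7 +35,7 @@` hunk of LoginPage.tsx, `${SECUIRD_API}/oidc/complete` is now built by plain concatenation, so a `VITE_API_BASE_URL` ending in `/` produces `.../api/v1//oidc/complete`; the removed regex ended in `\/?$` and absorbed that slash. This POST carries the session token, so a path that a proxy or router treats differently would break login in a way that is hard to diagnose. I would normalize once at the definition: `const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1').replace(/\/+$/, '');`. The same concatenation is introduced in the OAuthCallbackPage.tsx, OIDCConsentPage.tsx and OIDCLoginPage.tsx hunks, and `completeOidcFlow` continues past the end of this hunk.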
@@ -10,10 +10,9 @@ import { useToast } from "@/hooks/use-toast"; type CallbackState = 'loading' | 'success' | 'error'; const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1') as string; -const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, ''); async function completeOidcFlow(oidcSessionId: string, token: string): Promise { - const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { + const res = await fetch(`${SECUIRD_API}/oidc/complete`, { method: 'POST', headers: { 'Content-Type': 'application/json' }, body: JSON.stringify({ oidc_session_id: oidcSessionId, token }), diff --git a/src/pages/auth/OIDCConsentPage.tsx b/src/pages/auth/OIDCConsentPage.tsx index 639b183..b478950 100644 --- a/src/pages/auth/OIDCConsentPage.tsx +++ b/src/pages/auth/OIDCConsentPage.tsx @@ -7,7 +7,6 @@ import { Separator } from "@/components/ui/separator"; import { tokenManager } from "@/lib/api"; const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1'; -const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, ''); const SCOPE_META: Record = { openid: { icon: Shield, label: "OpenID", description: "Verify your identity" }, @@ -41,7 +40,7 @@ export default function OIDCConsentPage() { (async () => { try { - const res = await fetch(`${SECUIRD_OIDC}/oidc/begin`, { + const res = await fetch(`${SECUIRD_API}/oidc/begin`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ oidc_session_id: oidcSessionId }), @@ -67,7 +66,7 @@ export default function OIDCConsentPage() { navigate(`/login?oidc_session_id=${context.oidc_session_id}`); return; } - const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { + const res = await fetch(`${SECUIRD_API}/oidc/complete`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ oidc_session_id: context.oidc_session_id, token }), 
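Review bot: `SECUIRD_API` and `completeOidcFlow` in OAuthCallbackPage.tsx duplicate the definitions in LoginPage.tsx (OIDCLoginPage.tsx has a third copy named `completeOIDCFlow`), and this file alone adds an `as string` cast to the constant. The commit had to repeat the same one-line edit in four files, so a later change could easily leave one token-bearing request pointing at a different base. I would export the base URL and the helper from one shared module, possibly next to `tokenManager` in `@/lib/api`, and import them here. At minimum, add a comment such as `// Keep in sync with LoginPage.tsx: OIDC endpoints are served under the API base URL`. The function body continues outside the hunk.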
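Review bot: In the `@@ -67,7 +66,7 @@` hunk of OIDCConsentPage.tsx, `context.oidc_session_id` is interpolated into the `/login?oidc_session_id=...` query string without encoding. The value presumably originates from the `/oidc/begin` response or the page URL; if it ever contains `&`, `#` or `=`, the login page would parse extra or truncated parameters. I would write ``navigate(`/login?oidc_session_id=${encodeURIComponent(context.oidc_session_id)}`);`` instead. The enclosing handler starts and ends outside the hunk.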
diff --git a/src/pages/auth/OIDCLoginPage.tsx b/src/pages/auth/OIDCLoginPage.tsx index 0049c33..5a34e12 100644 --- a/src/pages/auth/OIDCLoginPage.tsx +++ b/src/pages/auth/OIDCLoginPage.tsx @@ -37,8 +37,7 @@ import { useAuth } from "@/contexts/AuthContext"; import { ApiError, tokenManager } from "@/lib/api"; // ── Configuration ───────────────────────────────────────────────────────────── -const SECUIRD_OIDC = (import.meta.env.VITE_API_BASE_URL ?? "http://localhost:5000/api/v1") - .replace(/\/api\/v1\/?$/, ""); +const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? "http://localhost:5000/api/v1"; // ── Scope display metadata ──────────────────────────────────────────────────── const SCOPE_META: Record = { @@ -62,7 +61,7 @@ type PageStep = "loading" | "login" | "consent" | "error"; // ── API helpers ─────────────────────────────────────────────────────────────── async function fetchOIDCContext(oidcSessionId: string): Promise { - const res = await fetch(`${SECUIRD_OIDC}/oidc/begin`, { + const res = await fetch(`${SECUIRD_API}/oidc/begin`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ oidc_session_id: oidcSessionId }), @@ -75,7 +74,7 @@ async function fetchOIDCContext(oidcSessionId: string): Promise { } async function completeOIDCFlow(oidcSessionId: string, token: string): Promise { - const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { + const res = await fetch(`${SECUIRD_API}/oidc/complete`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
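Review bot: The new `SECUIRD_API` definition in OIDCLoginPage.tsx keeps the `"http://localhost:5000/api/v1"` fallback, so a production build made without `VITE_API_BASE_URL` silently posts `oidc_session_id` and `token` over plain HTTP to whatever is listening on port 5000 of the user's machine. Now that every OIDC call in this file goes through this one constant, I would fail fast directly after the definition: `if (import.meta.env.PROD && !import.meta.env.VITE_API_BASE_URL) throw new Error("VITE_API_BASE_URL is not set");`. The same fallback is present in LoginPage.tsx, OAuthCallbackPage.tsx and OIDCConsentPage.tsx. A one-line comment stating that OIDC endpoints are served under the API path would also help, since the constant's name no longer says so.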