refactor(auth): use API base URL directly for OIDC endpoints

Remove SECUIRD_OIDC constant that stripped /api/v1 from the base URL.
OIDC endpoints are now served under the API path directly.
2026-04-07 00:43:36 +09:30
parent f653ee5ca7
commit 82b4056c41
4 changed files with 7 additions and 11 deletions
+1 -2
@@ -28,7 +28,6 @@ import { OAuthProvider } from "@/lib/oauth";
type LoginStep = 'credentials' | 'totp' | 'webauthn' | 'passkey-email' | 'mfa-enrollment' | 'mfa'; type LoginStep = 'credentials' | 'totp' | 'webauthn' | 'passkey-email' | 'mfa-enrollment' | 'mfa';
const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1'; const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1';
const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
/** /**
* Complete an OIDC authorization flow after the user has authenticated. * Complete an OIDC authorization flow after the user has authenticated.
@@ -36,7 +35,7 @@ const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
* the auth code and returns the redirect URL for the calling application. * the auth code and returns the redirect URL for the calling application.
*/ */
async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> { async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: 'POST', method: 'POST',
headers: { 'Content-Type': 'application/json' }, headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ oidc_session_id: oidcSessionId, token }), body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
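Review bot: A base URL configured with a trailing slash now yields `.../api/v1//oidc/complete` in `completeOidcFlow`, because the removed regex `/\/api\/v1\/?$/` was also what absorbed an optional trailing `/`. Normalising once at the constant keeps the earlier tolerance: `const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1').replace(/\/+$/, '');`. The same applies to the `/oidc/begin` and `/oidc/complete` calls in the other three files of this commit. Whether the server or a proxy in front of it collapses the double slash is not visible here, so it is worth checking against a deployment that sets the variable with a trailing slash.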
+1 -2
@@ -10,10 +10,9 @@ import { useToast } from "@/hooks/use-toast";
type CallbackState = 'loading' | 'success' | 'error'; type CallbackState = 'loading' | 'success' | 'error';
const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1') as string; const SECUIRD_API = (import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1') as string;
const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> { async function completeOidcFlow(oidcSessionId: string, token: string): Promise<string> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: 'POST', method: 'POST',
headers: { 'Content-Type': 'application/json' }, headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ oidc_session_id: oidcSessionId, token }), body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
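Review bot: `completeOidcFlow` here is the same function as the one in the first file of this commit, and `SECUIRD_API` is declared separately in all four files, which is why a one-line routing change needed four edits. This function posts the caller's token, so a single copy is easier to audit. Consider exporting it and the base URL from one shared module (two of the other files already import `tokenManager` from `@/lib/api`) and importing them here. The `as string` assertion on this file's constant is also not used by the other three declarations, so one of the two forms should be chosen. The function body continues past the end of the hunk, so its response handling is not reviewed here.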
+2 -3
@@ -7,7 +7,6 @@ import { Separator } from "@/components/ui/separator";
import { tokenManager } from "@/lib/api"; import { tokenManager } from "@/lib/api";
const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1'; const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1';
const SECUIRD_OIDC = SECUIRD_API.replace(/\/api\/v1\/?$/, '');
const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = { const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = {
openid: { icon: Shield, label: "OpenID", description: "Verify your identity" }, openid: { icon: Shield, label: "OpenID", description: "Verify your identity" },
@@ -41,7 +40,7 @@ export default function OIDCConsentPage() {
(async () => { (async () => {
try { try {
const res = await fetch(`${SECUIRD_OIDC}/oidc/begin`, { const res = await fetch(`${SECUIRD_API}/oidc/begin`, {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: oidcSessionId }), body: JSON.stringify({ oidc_session_id: oidcSessionId }),
@@ -67,7 +66,7 @@ export default function OIDCConsentPage() {
navigate(`/login?oidc_session_id=${context.oidc_session_id}`); navigate(`/login?oidc_session_id=${context.oidc_session_id}`);
return; return;
} }
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: context.oidc_session_id, token }), body: JSON.stringify({ oidc_session_id: context.oidc_session_id, token }),
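Review bot: `context.oidc_session_id` is interpolated into the login URL without encoding in the `navigate` call of the last hunk. Wrapping it as `encodeURIComponent(context.oidc_session_id)` inside the template keeps a value containing `&` or `#` from altering the query string. Where `context` is populated is outside the hunk (presumably from the `/oidc/begin` response), so this is hardening rather than a confirmed defect. The enclosing component body starts and ends outside the visible hunks.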
+3 -4
@@ -37,8 +37,7 @@ import { useAuth } from "@/contexts/AuthContext";
import { ApiError, tokenManager } from "@/lib/api"; import { ApiError, tokenManager } from "@/lib/api";
// ── Configuration ───────────────────────────────────────────────────────────── // ── Configuration ─────────────────────────────────────────────────────────────
const SECUIRD_OIDC = (import.meta.env.VITE_API_BASE_URL ?? "http://localhost:5000/api/v1") const SECUIRD_API = import.meta.env.VITE_API_BASE_URL ?? "http://localhost:5000/api/v1";
.replace(/\/api\/v1\/?$/, "");
// ── Scope display metadata ──────────────────────────────────────────────────── // ── Scope display metadata ────────────────────────────────────────────────────
const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = { const SCOPE_META: Record<string, { icon: typeof Shield; label: string; description: string }> = {
@@ -62,7 +61,7 @@ type PageStep = "loading" | "login" | "consent" | "error";
// ── API helpers ─────────────────────────────────────────────────────────────── // ── API helpers ───────────────────────────────────────────────────────────────
async function fetchOIDCContext(oidcSessionId: string): Promise<OIDCContext> { async function fetchOIDCContext(oidcSessionId: string): Promise<OIDCContext> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/begin`, { const res = await fetch(`${SECUIRD_API}/oidc/begin`, {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: oidcSessionId }), body: JSON.stringify({ oidc_session_id: oidcSessionId }),
@@ -75,7 +74,7 @@ async function fetchOIDCContext(oidcSessionId: string): Promise<OIDCContext> {
} }
async function completeOIDCFlow(oidcSessionId: string, token: string): Promise<string> { async function completeOIDCFlow(oidcSessionId: string, token: string): Promise<string> {
const res = await fetch(`${SECUIRD_OIDC}/oidc/complete`, { const res = await fetch(`${SECUIRD_API}/oidc/complete`, {
method: "POST", method: "POST",
headers: { "Content-Type": "application/json" }, headers: { "Content-Type": "application/json" },
body: JSON.stringify({ oidc_session_id: oidcSessionId, token }), body: JSON.stringify({ oidc_session_id: oidcSessionId, token }),
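Review bot: The new `SECUIRD_API` declaration keeps the `"http://localhost:5000/api/v1"` fallback, so a build where `VITE_API_BASE_URL` is unset will have `completeOIDCFlow` POST the user's token over plain HTTP to port 5000 on the user's own machine. Failing fast outside development makes that misconfiguration visible: `if (import.meta.env.PROD && !import.meta.env.VITE_API_BASE_URL) throw new Error("VITE_API_BASE_URL is not set");`. The same fallback is present in the other three files of this commit. `fetchOIDCContext` and `completeOIDCFlow` continue outside the hunks, so their response handling is not reviewed here.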