coryHawkvelt/gatehouse-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(auth): remove redirect_uri parameter from OAuth flow

Browse Source 
Simplify OAuth login and account linking by removing the redirect_uri
parameter from initiateLogin and initiateLink functions. The backend
now handles callback URL construction internally.
This commit is contained in:
Cory Hawkvelt
2026-04-06 23:50:42 +09:30
parent 11f56c187f
commit f653ee5ca7
3 changed files with 3 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/lib/api.ts
+2 -4
View File
@@ -902,9 +902,8 @@ export const api = {
request<LinkedAccountsResponse>('/auth/external/linked-accounts'),
// Initiate OAuth login flow — returns authorization_url to redirect the browser to
initiateLogin: (provider: string, options?: { redirect_uri?: string; organization_id?: string; flow?: string; oidc_session_id?: string }) => {
initiateLogin: (provider: string, options?: { organization_id?: string; flow?: string; oidc_session_id?: string }) => {
const params = new URLSearchParams({ flow: options?.flow ?? 'login' });
if (options?.redirect_uri) params.set('redirect_uri', options.redirect_uri);
if (options?.organization_id) params.set('organization_id', options.organization_id);
if (options?.oidc_session_id) params.set('oidc_session_id', options.oidc_session_id);
return request<OAuthAuthorizeResponse>(`/auth/external/${provider}/authorize?${params.toString()}`, {
@@ -914,10 +913,9 @@ export const api = {
},
// Initiate account linking flow (requires auth)
initiateLink: (provider: string, redirect_uri?: string) =>
initiateLink: (provider: string) =>
request<OAuthAuthorizeResponse>(`/auth/external/${provider}/link`, {
method: 'POST',
body: JSON.stringify({ redirect_uri }),
credentials: 'include',
}),
src/pages/auth/LoginPage.tsx
-5
View File
@@ -512,14 +512,9 @@ export default function LoginPage() {
setIsLoading(true);
try {
// The redirect_uri Google will call is the *backend* callback.
// The backend then redirects to the frontend /oauth/callback with the token.
const backendCallbackUri = `${import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1'}/auth/external/${provider}/callback`;
// Ask backend for the Google authorization URL
// If we're in an OIDC bridge flow, pass oidc_session_id so it survives the round-trip
const response = await api.externalAuth.initiateLogin(provider, {
redirect_uri: backendCallbackUri,
flow: 'login',
...(oidcSessionId ? { oidc_session_id: oidcSessionId } : {}),
});
src/pages/user/LinkedAccountsPage.tsx
+1 -5
View File
@@ -88,11 +88,7 @@ export default function LinkedAccountsPage() {
setIsLinking(provider);
try {
// The backend link flow also redirects to the backend callback, which
// then redirects to the frontend /oauth/callback with flow=link.
const backendCallbackUri = `${import.meta.env.VITE_API_BASE_URL ?? 'http://localhost:5000/api/v1'}/auth/external/${provider}/callback`;
const response = await api.externalAuth.initiateLink(provider, backendCallbackUri);
const response = await api.externalAuth.initiateLink(provider);
// Redirect to authorization
window.location.href = response.authorization_url;