fix: store oidc redirect_uri in session for parity

2025-01-18 08:18:19 +00:00 · 2025-01-18 08:18:19 +00:00 · bd11453593
commit bd11453593
parent 0f92f09796
3 changed files with 9 additions and 1 deletions
--- a/app/routes/auth/oidc-callback.ts
+++ b/app/routes/auth/oidc-callback.ts
@ -34,13 +34,19 @@ export async function loader({ request }: LoaderFunctionArgs) {
 	const codeVerifier = session.get('oidc_code_verif');
 	const state = session.get('oidc_state');
 	const nonce = session.get('oidc_nonce');
+	const redirectUri = session.get('oidc_redirect_uri');

 	if (!codeVerifier || !state || !nonce) {
 		return send({ error: 'Missing OIDC state' }, { status: 400 });
 	}

+	// Reconstruct the redirect URI using the query parameters
+	// and the one we saved in the session
+	const flowRedirectUri = new URL(redirectUri);
+	flowRedirectUri.search = url.search;
+
 	const flowOptions = {
-		redirect_uri: request.url,
+		redirect_uri: flowRedirectUri.toString(),
 		codeVerifier,
 		state,
 		nonce: nonce === '<none>' ? undefined : nonce,
--- a/app/routes/auth/oidc-start.ts
+++ b/app/routes/auth/oidc-start.ts
@ -30,6 +30,7 @@ export async function loader({ request }: LoaderFunctionArgs) {
 	session.set('oidc_code_verif', data.codeVerifier);
 	session.set('oidc_state', data.state);
 	session.set('oidc_nonce', data.nonce);
+	session.set('oidc_redirect_uri', redirectUri)

 	return redirect(data.url, {
 		status: 302,
--- a/app/utils/sessions.server.ts
+++ b/app/utils/sessions.server.ts
@ -5,6 +5,7 @@ export type SessionData = {
 	oidc_state: string;
 	oidc_code_verif: string;
 	oidc_nonce: string;
+	oidc_redirect_uri: string;
 	agent_onboarding: boolean;
 	user: {
 		subject: string;