[mastodon-client] Correctly implement multiple callback URIs for OAuth, resolves #150

This commit is contained in:
Laura Hausmann 2023-09-03 02:47:28 +02:00
parent 29099e4635
commit 5d1a61cb95
No known key found for this signature in database
GPG Key ID: D044E84C5BE01605

View File

@ -111,7 +111,13 @@ export default defineComponent({
}, {});
const isMastodon = !!getUrlParams().mastodon;
if (this.session.app.callbackUrl && isMastodon) {
const callbackUrl = new URL(this.session.app.callbackUrl);
const redirectUri = decodeURIComponent(getUrlParams().redirect_uri);
if (!this.session.app.callbackUrl.split('\n').some(p => p === redirectUri)){
this.state = "fetch-session-error";
this.fetching = false;
throw new Error("callback uri doesn't match registered app");
}
const callbackUrl = new URL(redirectUri)
callbackUrl.searchParams.append("code", this.session.token);
if (!!getUrlParams().state)
callbackUrl.searchParams.append(