forked from transloadit/uppy
/
oauth-redirect.js
31 lines (27 loc) · 1.04 KB
/
oauth-redirect.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
const qs = require('node:querystring')
const { URL } = require('node:url')
const { hasMatch } = require('../helpers/utils')
const oAuthState = require('../helpers/oauth-state')
/**
*
* @param {object} req
* @param {object} res
*/
module.exports = function oauthRedirect (req, res) {
const params = qs.stringify(req.query)
const { authProvider } = req.companion.provider
if (!req.companion.options.server.oauthDomain) {
return res.redirect(req.companion.buildURL(`/connect/${authProvider}/callback?${params}`, true))
}
const state = oAuthState.getDynamicStateFromRequest(req)
if (!state) {
return res.status(400).send('Cannot find state in session')
}
const handler = oAuthState.getFromState(state, 'companionInstance', req.companion.options.secret)
const handlerHostName = (new URL(handler)).host
if (hasMatch(handlerHostName, req.companion.options.server.validHosts)) {
const url = `${handler}/connect/${authProvider}/callback?${params}`
return res.redirect(url)
}
res.status(400).send('Invalid Host in state')
}