Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix oauth client error #1354

Merged
merged 3 commits into from
Nov 4, 2022
Merged

Fix oauth client error #1354

merged 3 commits into from
Nov 4, 2022

Conversation

mvandenburgh
Copy link
Member

@mvandenburgh mvandenburgh commented Nov 4, 2022
edited
Loading

The girder-oauth-client library defaults to window.location for the OAuth redirect URL. That means when trying to log in from, for example, https://dandiarchive.org/dandiset/000108, the oauth client was sending https://dandiarchive.org/dandiset/000108 as the redirect URL.

Note that this approached worked fine before #997 since we were using "fake" hash-based URLs, but now that we're using history mode, https://dandiarchive.org/dandiset/000108 != https://dandiarchive.org/ for redirect URLs.

This PR updates our oauth client to always use the current URL's origin instead of the entire URL. Note, explicitly specifying the redirect URL was introduced in girder-oauth-client 0.8.0, so this PR also updates us to that version.

Fixes #1353

@mvandenburgh mvandenburgh requested a review from waxlamp November 4, 2022 19:52
waxlamp
waxlamp approved these changes Nov 4, 2022
View reviewed changes
Copy link
Member

@waxlamp waxlamp left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code looks great and it looks like it works!

As a followup we should look at bouncing a freshly logged-in user to the page they were on when they logged in.

@mvandenburgh mvandenburgh merged commit 43ce07c into master Nov 4, 2022
@mvandenburgh mvandenburgh deleted the use-origin-for-oauth-redirect-url branch November 4, 2022 20:11
@dandibot
Copy link
Member

dandibot commented Nov 7, 2022

🚀 PR was released in v0.3.0 🚀

@dandibot dandibot added the released This issue/pull request has been released. label Nov 7, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@waxlamp waxlamp waxlamp approved these changes

Assignees
No one assigned
Labels
released This issue/pull request has been released.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

User can't login from DLP
3 participants
@mvandenburgh @dandibot @waxlamp