fix: review comments

2 years ago · ef24e3064f
parent afeefec9e1
commit ef24e3064f
3 changed files with 16 additions and 14 deletions
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@ -476,18 +476,21 @@ authRoutes.get('/oidc-callback', async (req, res, next) => {
    // Fetch the token data
    const callbackUrl = new URL(
      '/api/v1/auth/oidc-callback',
-      `http://${req.headers.host}`
+      `${req.protocol}://${req.headers.host}`
    );
+
+    const formData = new URLSearchParams();
+    formData.append('client_secret', oidcClientSecret);
+    formData.append('grant_type', 'authorization_code');
+    formData.append('redirect_uri', callbackUrl.toString());
+    formData.append('client_id', oidcClientId);
+    formData.append('code', code);
    const response = await fetch(wellKnownInfo.token_endpoint, {
      method: 'POST',
-      headers: new Headers([['Content-Type', 'application/json']]),
-      body: JSON.stringify({
-        client_cecret: oidcClientSecret,
-        grant_type: 'authorization_code',
-        redirect_uri: callbackUrl,
-        client_id: oidcClientId,
-        code,
-      }),
+      headers: new Headers([
+        ['Content-Type', 'application/x-www-form-urlencoded'],
+      ]),
+      body: formData,
    });

    // Check that the response is valid
--- a/src/components/Login/index.tsx
+++ b/src/components/Login/index.tsx
@ -20,7 +20,7 @@ const messages = defineMessages({
  signinheader: 'Sign in to continue',
  signinwithplex: 'Use your Plex account',
  signinwithoverseerr: 'Use your {applicationTitle} account',
-  signinwithoidc: 'Use your {oidcName} account',
+  signinwithoidcaccount: 'Use your {oidcName} account',
 });

 const Login = () => {
@ -170,7 +170,7 @@ const Login = () => {
                        }`}
                        onClick={() => handleClick(2)}
                      >
-                        {intl.formatMessage(messages.signinwithoidc, {
+                        {intl.formatMessage(messages.signinwithoidcaccount, {
                          oidcName: settings.currentSettings.oidcName,
                        })}
                      </button>
--- a/src/components/Settings/SettingsUsers/index.tsx
+++ b/src/components/Settings/SettingsUsers/index.tsx
@ -58,9 +58,8 @@ const validationSchema = yup.object().shape({
        test: (val) => {
          return (
            !!val &&
-            /^(?!:\/\/)([a-zA-Z0-9-_]+\.)*[a-zA-Z0-9][a-zA-Z0-9-_]+\.[a-zA-Z]{2,11}?$/.test(
-              val
-            )
+            // Any HTTPS domain without query string
+            /^([a-zA-Z0-9-_]+\.)[^?]+$/i.test(val)
          );
        },
      }),