From ef24e3064f9bbc636d24affae9ce3feb1a74ce74 Mon Sep 17 00:00:00 2001
From: Jakob Ankarhem
Date: Sat, 1 Oct 2022 18:42:13 +0200
Subject: [PATCH] fix: review comments
---
 server/routes/auth.ts | 21 +++++++++++-------
 src/components/Login/index.tsx | 4 ++--
 .../Settings/SettingsUsers/index.tsx | 5 ++---
 3 files changed, 16 insertions(+), 14 deletions(-)
diff --git a/server/routes/auth.ts b/server/routes/auth.ts
index bada2922d..f0dc9ddc8 100644
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@@ -476,18 +476,21 @@ authRoutes.get('/oidc-callback', async (req, res, next) => {
 // Fetch the token data
 const callbackUrl = new URL(
 '/api/v1/auth/oidc-callback',
- `http://${req.headers.host}`
+ `${req.protocol}://${req.headers.host}`
 );
+
+ const formData = new URLSearchParams();
+ formData.append('client_secret', oidcClientSecret);
+ formData.append('grant_type', 'authorization_code');
+ formData.append('redirect_uri', callbackUrl.toString());
+ formData.append('client_id', oidcClientId);
+ formData.append('code', code);
 const response = await fetch(wellKnownInfo.token_endpoint, {
 method: 'POST',
- headers: new Headers([['Content-Type', 'application/json']]),
- body: JSON.stringify({
- client_cecret: oidcClientSecret,
- grant_type: 'authorization_code',
- redirect_uri: callbackUrl,
- client_id: oidcClientId,
- code,
- }),
+ headers: new Headers([
+ ['Content-Type', 'application/x-www-form-urlencoded'],
+ ]),
+ body: formData,
 });
 // Check that the response is valid
diff --git a/src/components/Login/index.tsx b/src/components/Login/index.tsx
index 5b3b64ff9..3edafeeab 100644
--- a/src/components/Login/index.tsx
+++ b/src/components/Login/index.tsx
@@ -20,7 +20,7 @@ const messages = defineMessages({
 signinheader: 'Sign in to continue',
 signinwithplex: 'Use your Plex account',
 signinwithoverseerr: 'Use your {applicationTitle} account',
- signinwithoidc: 'Use your {oidcName} account',
+ signinwithoidcaccount: 'Use your {oidcName} account',
 });
 const Login = () => {
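Review bot: In server/routes/auth.ts the `redirect_uri` sent to the token endpoint is still built from request data: `req.headers.host` is supplied by the client, and `req.protocol` reports `http` behind a TLS-terminating proxy unless Express `trust proxy` is enabled, in which case it follows `X-Forwarded-Proto`. The value must match the redirect URI used in the authorization request and registered with the provider, so a proxy or Host mismatch breaks the exchange and the URI is not under the server's control. I would build it from a configured base URL instead, e.g. `const callbackUrl = new URL('/api/v1/auth/oidc-callback', baseUrl);`, where `baseUrl` is a placeholder for whatever application-URL setting the project has (none is visible in this hunk). The handler starts and ends outside the hunk, so any validation of `code` and of the token response is not visible here.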
@@ -170,7 +170,7 @@ const Login = () => {
 }`}
 onClick={() => handleClick(2)}
 >
- {intl.formatMessage(messages.signinwithoidc, {
+ {intl.formatMessage(messages.signinwithoidcaccount, {
 oidcName: settings.currentSettings.oidcName,
 })}
diff --git a/src/components/Settings/SettingsUsers/index.tsx b/src/components/Settings/SettingsUsers/index.tsx
index 8ea1ca4d7..3905bf56f 100644
--- a/src/components/Settings/SettingsUsers/index.tsx
+++ b/src/components/Settings/SettingsUsers/index.tsx
@@ -58,9 +58,8 @@ const validationSchema = yup.object().shape({
 test: (val) => {
 return (
 !!val &&
- /^(?!:\/\/)([a-zA-Z0-9-_]+\.)*[a-zA-Z0-9][a-zA-Z0-9-_]+\.[a-zA-Z]{2,11}?$/.test(
- val
- )
+ // Any HTTPS domain without query string
+ /^([a-zA-Z0-9-_]+\.)[^?]+$/i.test(val)
 );
 },
 }),
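Review bot: In src/components/Settings/SettingsUsers/index.tsx the new pattern accepts far more than its comment says: it checks no scheme, requires only one label followed by a dot, and `[^?]+` then lets through `@`, `#`, `\`, whitespace and control characters. If this value is later used server-side to build the provider URL (not visible in this hunk), userinfo or fragment characters can change which host is actually contacted. I would narrow the tail, e.g. `/^([a-zA-Z0-9-_]+\.)[^?#@\s\\]+$/.test(val)`, and reword the comment to `// Hostname with optional path; no userinfo, query or fragment`. The `i` flag is redundant because the character class already lists both cases. Client-side yup validation can be bypassed, so the same check should also run wherever the server stores or consumes this setting.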