fix: forward RFC 8707 resource parameter to /api/login in web login flow

Co-authored-by: hsluoyz <3787410+hsluoyz@users.noreply.github.com>
copilot-swe-agent[bot]
2026-03-20 12:13:46 +00:00
parent 8637c77513
commit 2dcbfc1cc1
3 changed files with 6 additions and 2 deletions


@@ -159,6 +159,7 @@
codeChallenge: getRefinedValue(innerParams.get("code_challenge")),
responseMode: getRefinedValue(innerParams.get("response_mode")),
relayState: getRefinedValue(lowercaseQueries["relaystate"]),
resource: getRefinedValue(innerParams.get("resource")),
type: "code"
};
}
@@ -176,7 +177,8 @@
"&state=" + oAuthParams.state +
"&nonce=" + oAuthParams.nonce +
"&code_challenge_method=" + oAuthParams.challengeMethod +
"&code_challenge=" + oAuthParams.codeChallenge;
"&code_challenge=" + oAuthParams.codeChallenge +
"&resource=" + encodeURIComponent(oAuthParams.resource || "");
}
function createFormAndSubmit(action, params) {
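Review bot: `innerParams.get("resource")` in the first hunk keeps only the first `resource` value, while RFC 8707 lets a client repeat the parameter to name several target services, so any further values are dropped before the request reaches `/api/login`. The same applies to `queries.get("resource")` in `getOAuthGetParameters`. If only a single resource is meant to be supported, say so next to the field with a comment such as `// RFC 8707: only the first resource value is forwarded`. Otherwise, assuming `innerParams` is a `URLSearchParams`, collect the values with `innerParams.getAll("resource")` and emit one `&resource=` pair per value. The functions enclosing both hunks start outside the visible lines.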


@@ -57,7 +57,7 @@ export function oAuthParamsToQuery(oAuthParams) {
}
// code
return `?clientId=${oAuthParams.clientId}&responseType=${oAuthParams.responseType}&redirectUri=${encodeURIComponent(oAuthParams.redirectUri)}&type=${oAuthParams.type}&scope=${oAuthParams.scope}&state=${oAuthParams.state}&nonce=${oAuthParams.nonce}&code_challenge_method=${oAuthParams.challengeMethod}&code_challenge=${oAuthParams.codeChallenge}`;
return `?clientId=${oAuthParams.clientId}&responseType=${oAuthParams.responseType}&redirectUri=${encodeURIComponent(oAuthParams.redirectUri)}&type=${oAuthParams.type}&scope=${oAuthParams.scope}&state=${oAuthParams.state}&nonce=${oAuthParams.nonce}&code_challenge_method=${oAuthParams.challengeMethod}&code_challenge=${oAuthParams.codeChallenge}&resource=${encodeURIComponent(oAuthParams.resource || "")}`;
}
export function getApplicationLogin(params) {
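Review bot: On the rewritten return line of `oAuthParamsToQuery`, only `redirectUri` and the new `resource` go through `encodeURIComponent`; `scope`, `state`, `nonce` and `codeChallenge` are interpolated as they are. If `getRefinedValue` returns decoded values (it is not shown here), a `&`, `#` or `+` inside `state` or `scope` changes how the rest of the query, including the new `resource` pair, is parsed by `/api/login`. Since the line is being rewritten anyway, encode the remaining values the same way, for example `&scope=${encodeURIComponent(oAuthParams.scope)}&state=${encodeURIComponent(oAuthParams.state)}`. The concatenated URL in the first file (`"&state=" + oAuthParams.state`) has the same gap.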


@@ -141,6 +141,7 @@ export function getOAuthGetParameters(params) {
const samlRequest = getRefinedValue(lowercaseQueries["samlRequest".toLowerCase()]);
const relayState = getRefinedValue(lowercaseQueries["RelayState".toLowerCase()]);
const noRedirect = getRefinedValue(lowercaseQueries["noRedirect".toLowerCase()]);
const resource = getRefinedValue(queries.get("resource"));
if (clientId === "" && samlRequest === "") {
// login
@@ -160,6 +161,7 @@ export function getOAuthGetParameters(params) {
samlRequest: samlRequest,
relayState: relayState,
noRedirect: noRedirect,
resource: resource,
type: "code",
};
}
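Review bot: The `resource` value read in `getOAuthGetParameters` comes straight from the page URL and is forwarded unchanged, with no check here that it is an absolute URI without a fragment, as RFC 8707 requires. That is acceptable only if `/api/login` and the token endpoint validate the value and bind it to the issued code, which this page does not show. I would record that assumption where the value is read, e.g. `// RFC 8707 resource indicator: untrusted, validated and bound to the code server-side`, so the field is not later treated as already checked.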