synced/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2025-07-15 22:20:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: prevent infinite redirect oauth auth flow (#10430)

Browse Source 
* fix: prevent infinite redirect oauth auth flow
This commit is contained in:
Steven Masley
2023-10-30 15:45:06 -04:00
committed by GitHub
parent 7fc1a65b14
commit 9d2b805fb7
2 changed files with 38 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
coderd/externalauth.go
View File

@ -268,8 +268,9 @@ func (api *API) externalAuthCallback(externalAuthConfig *externalauth.Config) ht
redirect := state.Redirect
if redirect == "" {
// This is a nicely rendered screen on the frontend
redirect = fmt.Sprintf("/external-auth/%s", externalAuthConfig.ID)
// This is a nicely rendered screen on the frontend. Passing the query param lets the
// FE know not to enter the authentication loop again, and instead display an error.
redirect = fmt.Sprintf("/external-auth/%s?redirected=true", externalAuthConfig.ID)
}
http.Redirect(rw, r, redirect, http.StatusTemporaryRedirect)
}