Make sure redirect URI is HTTPS unless it is for localhost (#9076)

chuckbutkus 2025-06-11 14:19:15 -04:00 committed by GitHub
parent c11dcad309
commit 7dede37fd8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -5,7 +5,10 @@
* @returns The URL to redirect to for OAuth
*/
export const generateAuthUrl = (identityProvider: string, requestUrl: URL) => {
const redirectUri = `${requestUrl.origin}/oauth/keycloak/callback`;
// Use HTTPS protocol unless the host is localhost
const protocol =
requestUrl.hostname === "localhost" ? requestUrl.protocol : "https:";
const redirectUri = `${protocol}//${requestUrl.host}/oauth/keycloak/callback`;
let authUrl = requestUrl.hostname
.replace(/(^|\.)staging\.all-hands\.dev$/, "$1auth.staging.all-hands.dev")
.replace(/(^|\.)app\.all-hands\.dev$/, "auth.app.all-hands.dev")
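Review bot: The new `redirectUri` line still takes its authority from `requestUrl.host`, so forcing `https:` fixes the scheme but not the trust placed in the host. If `requestUrl` is built from the incoming Host or a forwarded-host header (not visible in this hunk), the callback address is caller-influenced and the effective control is an exact-match redirect-URI allow-list on the Keycloak client. I would record that next to the assignment, e.g. `// host is taken from the request; the IdP client must allow-list redirect URIs by exact match, no wildcards`. The exemption also compares only against the literal `"localhost"`, so `127.0.0.1` and `[::1]` are upgraded to HTTPS, which will probably break local runs on those addresses; if that is intended, say so in the comment above `protocol`. The body of `generateAuthUrl` continues past the end of the hunk.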