Remove parseAuthzRedirectURI function #3813

authgear · Mar 4, 2024 · a82f704 · a82f704
1 parent 65db697
commit a82f704
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 52 deletions.
diff --git a/pkg/lib/oauth/handler/handler_authz.go b/pkg/lib/oauth/handler/handler_authz.go
@@ -126,17 +126,7 @@ func (h *AuthorizationHandler) Handle(r protocol.AuthorizationRequest) httputil.
 		}
 	}
 
-	oauthSessionEntry := oauthsession.NewEntry(oauthsession.T{
-		AuthorizationRequest: r,
-	})
-	err := h.OAuthSessionService.Save(oauthSessionEntry)
-	if err != nil {
-		return authorizationResultError{
-			ResponseMode: r.ResponseMode(),
-			Response:     protocol.NewErrorResponse("server_error", "internal server error"),
-		}
-	}
-	redirectURI, errResp := parseAuthzRedirectURI(client, h.UIURLBuilder, h.HTTPProto, h.HTTPOrigin, h.AppDomains, oauthSessionEntry, r)
+	redirectURI, errResp := parseRedirectURI(client, h.HTTPProto, h.HTTPOrigin, h.AppDomains, r)
 	if errResp != nil {
 		return authorizationResultError{
 			ResponseMode: r.ResponseMode(),
@@ -392,6 +382,22 @@ func (h *AuthorizationHandler) doHandle(
 		return nil, err
 	}
 
+	// create oauth session and redirect to the web app
+	oauthSessionEntry := oauthsession.NewEntry(oauthsession.T{
+		AuthorizationRequest: r,
+	})
+	err = h.OAuthSessionService.Save(oauthSessionEntry)
+	if err != nil {
+		return nil, err
+	}
+
+	if r.ResponseType() == string(SettingsActonResponseType) {
+		redirectURI, err = h.UIURLBuilder.BuildSettingsActionURL(client, r, oauthSessionEntry, redirectURI)
+		if err != nil {
+			return nil, err
+		}
+	}
+
 	loginHintString, loginHintOk := r.LoginHint()
 	// Handle app session token here, and return here.
 	// Anonymous user promotion is handled by the normal flow below.
@@ -420,15 +426,6 @@ func (h *AuthorizationHandler) doHandle(
 	idToken := uiInfoByProduct.IDToken
 	idTokenHintSID := uiInfoByProduct.IDTokenHintSID
 
-	// create oauth session and redirect to the web app
-	oauthSessionEntry := oauthsession.NewEntry(oauthsession.T{
-		AuthorizationRequest: r,
-	})
-	err = h.OAuthSessionService.Save(oauthSessionEntry)
-	if err != nil {
-		return nil, err
-	}
-
 	// Handle prompt!=none
 	// We must return here.
 	if !slice.ContainsString(uiInfo.Prompt, "none") {

diff --git a/pkg/lib/oauth/handler/resolve.go b/pkg/lib/oauth/handler/resolve.go
@@ -6,7 +6,6 @@ import (
 	"net/url"
 
 	"github.com/authgear/authgear-server/pkg/lib/config"
-	"github.com/authgear/authgear-server/pkg/lib/oauth/oauthsession"
 	"github.com/authgear/authgear-server/pkg/lib/oauth/protocol"
 	"github.com/authgear/authgear-server/pkg/util/httputil"
 )
@@ -102,34 +101,3 @@ func validateRedirectURI(
 
 	return nil
 }
-
-func parseAuthzRedirectURI(
-	client *config.OAuthClientConfig,
-	uiURLBuilder UIURLBuilder,
-	httpProto httputil.HTTPProto,
-	httpOrigin httputil.HTTPOrigin,
-	domainWhitelist []string,
-	e *oauthsession.Entry,
-	r protocol.AuthorizationRequest,
-) (*url.URL, protocol.ErrorResponse) {
-	if r.ResponseType() != string(SettingsActonResponseType) {
-		return parseRedirectURI(client, httpProto, httpOrigin, domainWhitelist, r)
-	}
-
-	redirectURI, err := url.Parse(r.RedirectURI())
-	if err != nil {
-		return nil, protocol.NewErrorResponse("invalid_request", "invalid redirect URI")
-	}
-
-	err = validateRedirectURI(client, httpProto, httpOrigin, domainWhitelist, redirectURI)
-	if err != nil {
-		return nil, protocol.NewErrorResponse("invalid_request", err.Error())
-	}
-
-	settingsActionURI, err := uiURLBuilder.BuildSettingsActionURL(client, r, e, redirectURI)
-	if err != nil {
-		return nil, protocol.NewErrorResponse("invalid_request", err.Error())
-	}
-
-	return settingsActionURI, nil
-}