From 233629568051e16bd9b06f8b810496031c1e4985 Mon Sep 17 00:00:00 2001 From: Vadim Yakhin Date: Thu, 9 Sep 2021 16:47:53 -0300 Subject: [PATCH] Fix confidential OAuth flow Previously we were accepting "string | undefined" as `state` parameter. But if the `state` was not present in the URL, we received null. That was breaking the confidential flow in cases where `state` was not provided. This commit changes the type of parameter to "string | null" and fixes the flow in such cases. --- .../server/routes/workplace_search/oauth.ts | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/x-pack/plugins/enterprise_search/server/routes/workplace_search/oauth.ts b/x-pack/plugins/enterprise_search/server/routes/workplace_search/oauth.ts index 5c2277278bb13..a87d22b6b047a 100644 --- a/x-pack/plugins/enterprise_search/server/routes/workplace_search/oauth.ts +++ b/x-pack/plugins/enterprise_search/server/routes/workplace_search/oauth.ts @@ -26,7 +26,7 @@ export function registerOAuthAuthorizeRoute({ response_mode: schema.maybe(schema.string()), redirect_uri: schema.maybe(schema.string()), scope: schema.maybe(schema.string()), - state: schema.maybe(schema.string()), + state: schema.nullable(schema.string()), }), }, }, @@ -49,7 +49,7 @@ export function registerOAuthAuthorizeAcceptRoute({ response_type: schema.string(), redirect_uri: schema.maybe(schema.string()), scope: schema.maybe(schema.string()), - state: schema.maybe(schema.string()), + state: schema.nullable(schema.string()), }), }, }, @@ -72,7 +72,7 @@ export function registerOAuthAuthorizeDenyRoute({ response_type: schema.string(), redirect_uri: schema.maybe(schema.string()), scope: schema.maybe(schema.string()), - state: schema.maybe(schema.string()), + state: schema.nullable(schema.string()), }), }, },