fix(oauth): omit blank pkce from url when not supported (#21976)

* fix(oauth): omit blank pkce from url when now pkce

* fix(oauth): use spread operator for pkce params

* chore: use first method

---------

Co-authored-by: Your Name <you@example.com>
Co-authored-by: Jason Rasmussen <jrasm91@gmail.com>
uphillcheddar 2025-09-15 23:48:33 -04:00 committed by GitHub
parent fda215f97f
commit a7addfece8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194


@ -29,6 +29,7 @@ export class OAuthRepository {
);
const client = await this.getClient(config);
state ??= randomState();
let codeVerifier: string | null;
if (codeChallenge) {
codeVerifier = null;
@ -36,13 +37,20 @@ export class OAuthRepository {
codeVerifier = randomPKCECodeVerifier();
codeChallenge = await calculatePKCECodeChallenge(codeVerifier);
}
const url = buildAuthorizationUrl(client, {
const params: Record<string, string> = {
redirect_uri: redirectUrl,
scope: config.scope,
state,
code_challenge: client.serverMetadata().supportsPKCE() ? codeChallenge : '',
code_challenge_method: client.serverMetadata().supportsPKCE() ? 'S256' : '',
}).toString();
};
if (client.serverMetadata().supportsPKCE()) {
params.code_challenge = codeChallenge;
params.code_challenge_method = 'S256';
}
const url = buildAuthorizationUrl(client, params).toString();
return { url, state, codeVerifier };
}
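Review bot: The new `if (client.serverMetadata().supportsPKCE())` branch drops PKCE silently whenever the provider's discovery metadata does not advertise S256, yet the function still returns the freshly generated `codeVerifier` as if a challenge had been sent. A provider that accepts PKCE without advertising it would presumably lose that protection with no trace, leaving `state` as the only binding between request and callback that is visible here. I would evaluate the check once (`const pkce = client.serverMetadata().supportsPKCE();`), log a warning on the unsupported path, and return `codeVerifier: pkce ? codeVerifier : null` so callers do not send a verifier for a challenge that was never issued. A caller-supplied `codeChallenge` is also discarded on that path without the caller being told. The enclosing method starts above the first hunk, so how callers use the returned verifier is not visible here.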