aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorIgor Pashev <pashev.igor@gmail.com>2016-11-20 11:57:15 +0300
committerIgor Pashev <pashev.igor@gmail.com>2016-11-20 11:57:15 +0300
commitebbd8b792c22ed6ccd94dcfb39f5323861f10849 (patch)
treee9a644e1566273e355d03336b69123007c9e2925 /src
parent4a9f329a6ea9bfa03352ca0d9dd1d556b93bec36 (diff)
downloadsproxy2-ebbd8b792c22ed6ccd94dcfb39f5323861f10849.tar.gz
oauth2 callback state: include query params
If method of the original query is GET, redirect to original path with query parameters. Otherwise redirect to "/". Previously, when unauthenticated users click on "https://example.net/foo?bar", they are redirected to "https://example.net/foo" after authentication. Now, they will be redirected to "https://example.net/foo?bar"
Diffstat (limited to 'src')
-rw-r--r--src/Sproxy/Application.hs4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/Sproxy/Application.hs b/src/Sproxy/Application.hs
index 2391220..e4cc3ab 100644
--- a/src/Sproxy/Application.hs
+++ b/src/Sproxy/Application.hs
@@ -243,7 +243,9 @@ authenticationRequired key oa2 req resp = do
Log.info $ "511 Unauthenticated: " ++ showReq req
resp $ W.responseLBS networkAuthenticationRequired511 [(hContentType, "text/html; charset=utf-8")] page
where
- path = W.rawPathInfo req -- FIXME: make it more robust for non-GET or XMLHTTPRequest?
+ path = if W.requestMethod req == methodGet
+ then W.rawPathInfo req <> W.rawQueryString req
+ else "/"
state = State.encode key path
authLink :: Text -> OAuth2Client -> ByteString -> ByteString
authLink provider oa2c html =