diff options
author | Igor Pashev <pashev.igor@gmail.com> | 2016-11-20 11:57:15 +0300 |
---|---|---|
committer | Igor Pashev <pashev.igor@gmail.com> | 2016-11-20 11:57:15 +0300 |
commit | ebbd8b792c22ed6ccd94dcfb39f5323861f10849 (patch) | |
tree | e9a644e1566273e355d03336b69123007c9e2925 /src | |
parent | 4a9f329a6ea9bfa03352ca0d9dd1d556b93bec36 (diff) | |
download | sproxy2-ebbd8b792c22ed6ccd94dcfb39f5323861f10849.tar.gz |
oauth2 callback state: include query params
If method of the original query is GET,
redirect to original path with query parameters.
Otherwise redirect to "/".
Previously, when unauthenticated users click on "https://example.net/foo?bar",
they are redirected to "https://example.net/foo" after authentication.
Now, they will be redirected to "https://example.net/foo?bar"
Diffstat (limited to 'src')
-rw-r--r-- | src/Sproxy/Application.hs | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/Sproxy/Application.hs b/src/Sproxy/Application.hs index 2391220..e4cc3ab 100644 --- a/src/Sproxy/Application.hs +++ b/src/Sproxy/Application.hs @@ -243,7 +243,9 @@ authenticationRequired key oa2 req resp = do Log.info $ "511 Unauthenticated: " ++ showReq req resp $ W.responseLBS networkAuthenticationRequired511 [(hContentType, "text/html; charset=utf-8")] page where - path = W.rawPathInfo req -- FIXME: make it more robust for non-GET or XMLHTTPRequest? + path = if W.requestMethod req == methodGet + then W.rawPathInfo req <> W.rawQueryString req + else "/" state = State.encode key path authLink :: Text -> OAuth2Client -> ByteString -> ByteString authLink provider oa2c html = |