Better authorization URL handling

This commit is contained in:
Gregory Schier
2025-07-18 14:48:45 -07:00
parent 5061e17700
commit a657c32445
4 changed files with 17 additions and 7 deletions
@@ -52,7 +52,12 @@ export async function getAuthorizationCode(
return token; return token;
} }
const authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`); let authorizationUrl: URL;
try {
authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`);
} catch {
throw new Error('Invalid authorization URL: ' + authorizationUrlRaw);
}
authorizationUrl.searchParams.set('response_type', 'code'); authorizationUrl.searchParams.set('response_type', 'code');
authorizationUrl.searchParams.set('client_id', clientId); authorizationUrl.searchParams.set('client_id', clientId);
if (redirectUri) authorizationUrl.searchParams.set('redirect_uri', redirectUri); if (redirectUri) authorizationUrl.searchParams.set('redirect_uri', redirectUri);
+6 -1
View File
@@ -31,7 +31,12 @@ export async function getImplicit(
return token; return token;
} }
const authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`); let authorizationUrl: URL;
try {
authorizationUrl = new URL(`${authorizationUrlRaw ?? ''}`);
} catch {
throw new Error('Invalid authorization URL: ' + authorizationUrlRaw);
}
authorizationUrl.searchParams.set('response_type', 'token'); authorizationUrl.searchParams.set('response_type', 'token');
authorizationUrl.searchParams.set('client_id', clientId); authorizationUrl.searchParams.set('client_id', clientId);
if (redirectUri) authorizationUrl.searchParams.set('redirect_uri', redirectUri); if (redirectUri) authorizationUrl.searchParams.set('redirect_uri', redirectUri);
+5 -4
View File
@@ -312,10 +312,11 @@ export const plugin: PluginDefinition = {
const authorizationUrl = stringArg(values, 'authorizationUrl'); const authorizationUrl = stringArg(values, 'authorizationUrl');
const accessTokenUrl = stringArg(values, 'accessTokenUrl'); const accessTokenUrl = stringArg(values, 'accessTokenUrl');
token = await getAuthorizationCode(ctx, contextId, { token = await getAuthorizationCode(ctx, contextId, {
accessTokenUrl: accessTokenUrl.match(/^https?:\/\//) accessTokenUrl:
? accessTokenUrl accessTokenUrl === '' || accessTokenUrl.match(/^https?:\/\//)
: `https://${accessTokenUrl}`, ? accessTokenUrl
authorizationUrl: authorizationUrl.match(/^https?:\/\//) : `https://${accessTokenUrl}`,
authorizationUrl: authorizationUrl === '' || authorizationUrl.match(/^https?:\/\//)
? authorizationUrl ? authorizationUrl
: `https://${authorizationUrl}`, : `https://${authorizationUrl}`,
clientId: stringArg(values, 'clientId'), clientId: stringArg(values, 'clientId'),
@@ -139,7 +139,6 @@ export function getLanguageExtension({
onShowInDocs(field, type, parentType) { onShowInDocs(field, type, parentType) {
const activeRequestId = jotaiStore.get(activeRequestIdAtom); const activeRequestId = jotaiStore.get(activeRequestIdAtom);
if (activeRequestId == null) return; if (activeRequestId == null) return;
console.log('SHOW IN DOCS', field);
jotaiStore.set(showGraphQLDocExplorerAtom, (v) => ({ jotaiStore.set(showGraphQLDocExplorerAtom, (v) => ({
...v, ...v,
[activeRequestId]: { field, type, parentType }, [activeRequestId]: { field, type, parentType },