From 9cf304fa392a6e5c550c88ce6effa096088ce8f9 Mon Sep 17 00:00:00 2001 From: Markus Machatschek Date: Mon, 24 Jun 2019 19:08:52 +0200 Subject: [PATCH] fix(oauth2): correctly handle callback with hash (#394) --- lib/schemes/oauth2.js | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/lib/schemes/oauth2.js b/lib/schemes/oauth2.js index 389c5d0e0..32b601832 100644 --- a/lib/schemes/oauth2.js +++ b/lib/schemes/oauth2.js @@ -1,4 +1,4 @@ -import { encodeQuery } from '../utilities' +import { encodeQuery, parseQuery } from '../utilities' import nanoid from 'nanoid' const isHttps = process.server ? require('is-https') : null @@ -133,7 +133,8 @@ export default class Oauth2Scheme { return } - const parsedQuery = Object.assign({}, this.$auth.ctx.route.query, this.$auth.ctx.route.hash) + const hash = parseQuery(this.$auth.ctx.route.hash.substr(1)) + const parsedQuery = Object.assign({}, this.$auth.ctx.route.query, hash) // accessToken/idToken let token = parsedQuery[this.options.token_key || 'access_token'] // refresh token @@ -148,7 +149,7 @@ export default class Oauth2Scheme { // -- Authorization Code Grant -- if (this.options.response_type === 'code' && parsedQuery.code) { - let data = await this.$auth.request({ + const data = await this.$auth.request({ method: 'post', url: this.options.access_token_endpoint, baseURL: process.server ? undefined : false,