[Bug]: Trailing Slash in URL gets removed

HEPTACOM / HeptacomShopwarePlatformAdminOpenAuth

Shopware plugin to allow open auth logins in the administration

https://www.heptacom.de/

Apache License 2.0

30 stars 10 forks source link

[Bug]: Trailing Slash in URL gets removed #20

Closed Rindula closed 5 months ago

Rindula commented 5 months ago

Plugin Version

6.0.1

PHP Version

8.3

Shopware Version

6.5.8.7

Installation method

Github Tag -> Source Download

Identity provider

OpenID Connect

What happened?

When entering an url, the url gets formatted and all trailing slashes get removed. My Identity Provider requires a trailing slash at the end of the url, otherwise an error occurs.

Example:

auth.example.com/application/o/userinfo/

becomes

auth.example.com/application/o/userinfo (which results in an error)

Relevant log output

No response

JoshuaBehrens commented 5 months ago

Hi @Rindula thank you for pointing this out. I do not have an IDP with that requirement at hand but I tried entering a value and the underlying issue seems to be the input field we use for URLs provided by Shopware themselves: https://github.com/shopware/shopware/blob/v6.5.8.7/src/Administration/Resources/app/administration/src/app/component/form/sw-url-field/index.js#L169 So it should not be changed by the backend logic just the administration frontend. Please try to change the value via database or API. Look into the heptacom_admin_open_auth_client table/entity and look into the config field.

If this works for you, you can already continue using your IDP until the next time you save the OAuth client form. I do not see this as a long-term solution and we will have a look how we allow trailing slashes. Likely we will not use sw-url-field anymore.

Shopware "is aware" of this. https://issues.shopware.com/issues/NEXT-21017 I will add this case into this as well

Rindula commented 5 months ago

I just did that and it works. It's just the administration frontend which removes the slash.

The IDP I use is called authentik (https://goauthentik.io/) if you want something to test with.

JoshuaBehrens commented 5 months ago

Thank you for testing it out @Rindula . I had a talk with @silviokennecke and we decided to provide a patch with a custom sw-url-field to prevent this issue on the long run. We will keep you posted, when we have this ready.

Thank you for sharing the tool you use. For OIDC we test with keycloak. That at least explains our different way in testing.

JoshuaBehrens commented 5 months ago

@Rindula please try out 6.0.2-rc.1 if it fixes your issue

Rindula commented 5 months ago

This works as it should - Thanks a lot for the quick response and implementation!

JoshuaBehrens commented 5 months ago

You're welcome :) thank you for supporting to find the issue and validate the solution. We will soon (tm) release the 6.0.2 also in the community store. Please also "buy" it there so we can see the used Shopware versions for our update planning :)