301 Redirect is needed for OAuth 2.0 support

personium / personium-engine

Additional module for personium-core to enable server-side JavaScript execution.

Apache License 2.0

16 stars 7 forks source link

301 Redirect is needed for OAuth 2.0 support #49

Closed dixonsiu closed 6 years ago

dixonsiu commented 6 years ago

In order to support OAuth 2.0, we need to redirect from App Cell to Google Authorization Server.
Currently 302 will not work properly. Must use 301 to move to the server completely.

dixonsiu commented 6 years ago

Hotfix

Return a HTML with redirect meta tag.

HTML with meta tag

function create301HTML(url) {
    var html = [
        '<html>',
            '<head>',
                '<meta http-equiv="refresh" ',
                'content="0;URL=\'' + url + '\'" />',
            '</head>',
            '<body></body>',
        '</html>'
    ].join("");
    return html;
};

Personium Engine Script Sample

return {
    status : 200,
    headers: {"Content-Type":"text/html"},
    body : [create301HTML(redirectUrl)]
};

SawamiWataru commented 6 years ago

This problem has been fixed with commit dd351d02f09b69547d03d18ad12232e7a818b6a6 and released in v1.5.12.