bug: callback query string is appended after hash

pulsejet / nextcloud-oidc-login

Nextcloud login via a single OpenID Connect 1.0 provider

https://apps.nextcloud.com/apps/oidc_login

GNU Affero General Public License v3.0

219 stars 59 forks source link

bug: callback query string is appended after hash #251

Open tennox opened 9 months ago

tennox commented 9 months ago

I crafted a PR to a oidc-client lib to support parsing the URLs format that this plugin returns:

http://foo/#/bar?cod=param1&state=123

but got the reply that it's actually a bug in my Identity provider (this plugin), and correct would be:

http://foo/?cod=param1&state=123#/bar

and checked other resources to confirm that this is the correct way.

According to #182 - I shall craft a PR myself, but opened this issue to give a heads-up and to ask for feedback :)

azmeuk commented 9 months ago

Hi @tennox Sure please open a PR, though I wonder if this will be on the side of nextcloud-oidc-login or the underlying OpenIDConnect-PHP.

pulsejet commented 9 months ago

Yeah, I'm inclined to think the bug is either in the OIDC library or your IdP itself, depending on when this happens. I don't remember us constructing any URLs (if we do, maybe that can be removed?)