From 017c3215eba4f68ef1f4e190397e9e4c95ab2cef Mon Sep 17 00:00:00 2001 From: Max Peintner Date: Tue, 3 Dec 2024 14:31:50 +0100 Subject: [PATCH] use origin header instead of host --- .../app/(login)/authenticator/set/page.tsx | 4 ---- .../src/app/(login)/otp/[method]/page.tsx | 4 ++-- apps/login/src/components/login-otp.tsx | 8 +++---- apps/login/src/lib/server/idp.ts | 10 ++++---- apps/login/src/lib/server/invite.ts | 4 ++-- apps/login/src/lib/server/loginname.ts | 24 ++++++++----------- apps/login/src/lib/server/passkeys.ts | 2 +- apps/login/src/lib/server/password.ts | 4 ++-- apps/login/src/lib/zitadel.ts | 12 +++++----- 9 files changed, 32 insertions(+), 40 deletions(-) diff --git a/apps/login/src/app/(login)/authenticator/set/page.tsx b/apps/login/src/app/(login)/authenticator/set/page.tsx index 36294c8c1cf..a34a9e8c7c7 100644 --- a/apps/login/src/app/(login)/authenticator/set/page.tsx +++ b/apps/login/src/app/(login)/authenticator/set/page.tsx @@ -110,10 +110,6 @@ export default async function Page(props: { params.set("authRequestId", authRequestId); } - const host = process.env.VERCEL_URL - ? `https://${process.env.VERCEL_URL}` - : "http://localhost:3000"; - return (
diff --git a/apps/login/src/app/(login)/otp/[method]/page.tsx b/apps/login/src/app/(login)/otp/[method]/page.tsx index 1c0904cee22..c509cc6ee13 100644 --- a/apps/login/src/app/(login)/otp/[method]/page.tsx +++ b/apps/login/src/app/(login)/otp/[method]/page.tsx @@ -31,7 +31,7 @@ export default async function Page(props: { const loginSettings = await getLoginSettings(organization); - const host = (await headers()).get("host"); + const origin = (await headers()).get("origin"); return ( @@ -70,7 +70,7 @@ export default async function Page(props: { organization={organization} method={method} loginSettings={loginSettings} - host={host} + origin={origin} code={code} > )} diff --git a/apps/login/src/components/login-otp.tsx b/apps/login/src/components/login-otp.tsx index 262541eb1bc..6dbacdb66e3 100644 --- a/apps/login/src/components/login-otp.tsx +++ b/apps/login/src/components/login-otp.tsx @@ -25,7 +25,7 @@ type Props = { method: string; code?: string; loginSettings?: LoginSettings; - host: string | null; + origin: string | null; }; type Inputs = { @@ -40,7 +40,7 @@ export function LoginOTP({ method, code, loginSettings, - host, + origin, }: Props) { const t = useTranslations("otp"); @@ -81,10 +81,10 @@ export function LoginOTP({ otpEmail: { deliveryType: { case: "sendCode", - value: host + value: origin ? { urlTemplate: - `${host.includes("localhost") ? "http://" : "https://"}${host}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}&organization={{.OrgID}}` + + `${origin}/otp/method=${method}?code={{.Code}}&userId={{.UserID}}&sessionId={{.SessionID}}&organization={{.OrgID}}` + (authRequestId ? `&authRequestId=${authRequestId}` : ""), } : {}, diff --git a/apps/login/src/lib/server/idp.ts b/apps/login/src/lib/server/idp.ts index ebb755987e7..0b376ad4bc6 100644 --- a/apps/login/src/lib/server/idp.ts +++ b/apps/login/src/lib/server/idp.ts 
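Review bot: `(await headers()).get("origin")` in this page will usually be null, because browsers send `Origin` on cross-origin and non-GET/HEAD requests but typically not on the plain navigation GET that renders a page. With `origin` null, `LoginOTP` (later in this patch) sends `value: {}` and the custom `urlTemplate` is dropped silently, which the old `host` lookup did not do. Either keep a fallback for the GET case or record the behaviour next to the lookup, e.g. `// Origin is absent on navigation GETs; null means no urlTemplate is sent`. The body of `Page` starts and ends outside the hunk.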
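Review bot: The template path `/otp/method=${method}?code=…` in `LoginOTP` does not look like it matches the route this patch touches, `otp/[method]/page.tsx`, where the method is a path segment. `${origin}/otp/${method}?code={{.Code}}…` appears to be what is meant, though the routing configuration is not visible here. `authRequestId` is also appended raw; `&authRequestId=${encodeURIComponent(authRequestId)}` keeps a value containing `&` or `#` from altering the link, and the same applies to `passwordReset` in `zitadel.ts`. `LoginOTP` continues outside the hunk.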
@@ -10,17 +10,17 @@ export type StartIDPFlowCommand = { }; export async function startIDPFlow(command: StartIDPFlowCommand) { - const host = (await headers()).get("host"); + const origin = (await headers()).get("origin"); - if (!host) { - return { error: "Could not get host" }; + if (!origin) { + return { error: "Could not get origin" }; } return startIdentityProviderFlow({ idpId: command.idpId, urls: { - successUrl: `${host.includes("localhost") ? "http://" : "https://"}${host}${command.successUrl}`, - failureUrl: `${host.includes("localhost") ? "http://" : "https://"}${host}${command.failureUrl}`, + successUrl: `${origin}${command.successUrl}`, + failureUrl: `${origin}${command.failureUrl}`, }, }).then((response) => { if ( diff --git a/apps/login/src/lib/server/invite.ts b/apps/login/src/lib/server/invite.ts index 3c68587898a..b9db345b21e 100644 --- a/apps/login/src/lib/server/invite.ts +++ b/apps/login/src/lib/server/invite.ts @@ -20,7 +20,7 @@ export type RegisterUserResponse = { }; export async function inviteUser(command: InviteUserCommand) { - const host = (await headers()).get("host"); + const origin = (await headers()).get("origin"); const human = await addHumanUser({ email: command.email, @@ -34,7 +34,7 @@ export async function inviteUser(command: InviteUserCommand) { return { error: "Could not create user" }; } - const codeResponse = await createInviteCode(human.userId, host); + const codeResponse = await createInviteCode(human.userId, origin); if (!codeResponse || !human) { return { error: "Could not create invite code" }; diff --git a/apps/login/src/lib/server/loginname.ts b/apps/login/src/lib/server/loginname.ts index 295f9b455f6..ca92ad15564 100644 --- a/apps/login/src/lib/server/loginname.ts +++ b/apps/login/src/lib/server/loginname.ts 
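Review bot: `Origin` is a request header chosen by the caller, and `startIDPFlow` only checks that it is non-empty before using it as the base of `successUrl` and `failureUrl`. A request sent outside a browser can carry any value, so the IdP return URLs can point at a host the deployment does not own. The same unvalidated value reaches `sendLoginname` in `loginname.ts` and, through `inviteUser` and `resetPassword`, the e-mailed `urlTemplate` links carrying `{{.Code}}` in `createInviteCode` and `passwordReset`. Compare the header with the deployment's configured base URL before use, e.g. `if (!origin || origin !== CONFIGURED_BASE_URL) return { error: "Could not get origin" };` (`CONFIGURED_BASE_URL` is a placeholder for whatever setting the app already has), or build the links from that setting. The `.then` chain of `startIDPFlow` continues outside the hunk.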
@@ -53,10 +53,10 @@ export async function sendLoginname(command: SendLoginnameCommand) { }); if (identityProviders.length === 1) { - const host = (await headers()).get("host"); + const origin = (await headers()).get("origin"); - if (!host) { - return { error: "Could not get host" }; + if (!origin) { + return { error: "Could not get origin" }; } const identityProviderType = identityProviders[0].type; @@ -77,11 +77,9 @@ export async function sendLoginname(command: SendLoginnameCommand) { idpId: identityProviders[0].id, urls: { successUrl: - `${host.includes("localhost") ? "http://" : "https://"}${host}/idp/${provider}/success?` + - new URLSearchParams(params), + `${origin}/idp/${provider}/success?` + new URLSearchParams(params), failureUrl: - `${host.includes("localhost") ? "http://" : "https://"}${host}/idp/${provider}/failure?` + - new URLSearchParams(params), + `${origin}/idp/${provider}/failure?` + new URLSearchParams(params), }, }); @@ -97,10 +95,10 @@ export async function sendLoginname(command: SendLoginnameCommand) { }); if (identityProviders.length === 1) { - const host = (await headers()).get("host"); + const origin = (await headers()).get("origin"); - if (!host) { - return { error: "Could not get host" }; + if (!origin) { + return { error: "Could not get origin" }; } const identityProviderId = identityProviders[0].idpId; @@ -130,11 +128,9 @@ export async function sendLoginname(command: SendLoginnameCommand) { idpId: idp.id, urls: { successUrl: - `${host.includes("localhost") ? "http://" : "https://"}${host}/idp/${provider}/success?` + - new URLSearchParams(params), + `${origin}/idp/${provider}/success?` + new URLSearchParams(params), failureUrl: - `${host.includes("localhost") ? "http://" : "https://"}${host}/idp/${provider}/failure?` + - new URLSearchParams(params), + `${origin}/idp/${provider}/failure?` + new URLSearchParams(params), }, }); 
diff --git a/apps/login/src/lib/server/passkeys.ts b/apps/login/src/lib/server/passkeys.ts index 181962cae11..518b0709938 100644 --- a/apps/login/src/lib/server/passkeys.ts +++ b/apps/login/src/lib/server/passkeys.ts @@ -40,7 +40,7 @@ export async function registerPasskeyLink( const host = (await headers()).get("host"); if (!host) { - throw new Error("Could not get domain"); + throw new Error("Could not get host"); } const [hostname, port] = host.split(":"); diff --git a/apps/login/src/lib/server/password.ts b/apps/login/src/lib/server/password.ts index 5e202aabd51..5b284a3e5ed 100644 --- a/apps/login/src/lib/server/password.ts +++ b/apps/login/src/lib/server/password.ts @@ -31,7 +31,7 @@ type ResetPasswordCommand = { }; export async function resetPassword(command: ResetPasswordCommand) { - const host = (await headers()).get("host"); + const origin = (await headers()).get("origin"); const users = await listUsers({ loginName: command.loginName, @@ -47,7 +47,7 @@ export async function resetPassword(command: ResetPasswordCommand) { } const userId = users.result[0].userId; - return passwordReset(userId, host, command.authRequestId); + return passwordReset(userId, origin, command.authRequestId); } export type UpdateSessionCommand = { diff --git a/apps/login/src/lib/zitadel.ts b/apps/login/src/lib/zitadel.ts index 0afc4c4dc19..7210442fefd 100644 --- a/apps/login/src/lib/zitadel.ts +++ b/apps/login/src/lib/zitadel.ts 
@@ -267,15 +267,15 @@ export async function resendInviteCode(userId: string) { return userService.resendInviteCode({ userId }, {}); } -export async function createInviteCode(userId: string, host: string | null) { +export async function createInviteCode(userId: string, origin: string | null) { let medium = create(SendInviteCodeSchema, { applicationName: "Typescript Login", }); - if (host) { + if (origin) { medium = { ...medium, - urlTemplate: `${host.includes("localhost") ? "http://" : "https://"}${host}/verify?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}&invite=true`, + urlTemplate: `${origin}/verify?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}&invite=true`, }; } @@ -506,18 +506,18 @@ export function createUser( */ export async function passwordReset( userId: string, - host: string | null, + origin: string | null, authRequestId?: string, ) { let medium = create(SendPasswordResetLinkSchema, { notificationType: NotificationType.Email, }); - if (host) { + if (origin) { medium = { ...medium, urlTemplate: - `${host.includes("localhost") ? "http://" : "https://"}${host}/password/set?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}` + + `${origin}/password/set?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}` + (authRequestId ? `&authRequestId=${authRequestId}` : ""), }; }
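Review bot: `if (origin)` in `createInviteCode` accepts the literal string `null`, which browsers send as the `Origin` value for opaque origins and some privacy-restricted requests; the template then becomes `null/verify?code=…`. Treat that value as missing, `if (origin && origin !== "null") {`, and do the same in `passwordReset` below. When the header is absent the invite is sent with no `urlTemplate` at all, so a comment such as `// no origin: relies on the server-side default link` would help; whether such a default exists is not visible here.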