Fix the OIDC login button when using a RoutePrefix.

Make the OIDC login button relative so that it uses the route Prefix from the base.
weaveworks · Sep 19, 2023 · 231cc8f · 231cc8f
1 parent 047c56a
commit 231cc8f
Show file tree

Hide file tree

Showing 4 changed files with 32 additions and 11 deletions.
diff --git a/pkg/server/auth/auth.go b/pkg/server/auth/auth.go
@@ -55,7 +55,8 @@ func RegisterAuthServer(mux *http.ServeMux, prefix string, srv *AuthServer, logi
 		return err
 	}
 
-	mux.Handle(prefix, srv.OAuth2Flow())
+	mux.HandleFunc(prefix, srv.OAuth2Flow)
+
 	mux.HandleFunc(prefix+"/callback", srv.Callback)
 	mux.Handle(prefix+"/sign_in", middleware.Handle(srv.SignIn()))
 	mux.HandleFunc(prefix+"/userinfo", srv.UserInfo)

diff --git a/pkg/server/auth/server.go b/pkg/server/auth/server.go
@@ -273,15 +273,13 @@ func (s *AuthServer) oauth2Config(scopes []string) *oauth2.Config {
 	}
 }
 
-func (s *AuthServer) OAuth2Flow() http.HandlerFunc {
-	return func(rw http.ResponseWriter, r *http.Request) {
-		if !s.oidcEnabled() {
-			JSONError(s.Log, rw, "oidc provider not configured", http.StatusBadRequest)
-			return
-		}
-
-		s.startAuthFlow(rw, r)
+func (s *AuthServer) OAuth2Flow(rw http.ResponseWriter, r *http.Request) {
+	if !s.oidcEnabled() {
+		JSONError(s.Log, rw, "oidc provider not configured", http.StatusBadRequest)
+		return
 	}
+
+	s.startAuthFlow(rw, r)
 }
 
 func (s *AuthServer) Callback(rw http.ResponseWriter, r *http.Request) {

diff --git a/ui/pages/SignIn.tsx b/ui/pages/SignIn.tsx
@@ -92,7 +92,7 @@ function SignIn({ darkModeEnabled = true }: Props) {
 
   const handleOIDCSubmit = () => {
     const CURRENT_URL = window.origin;
-    return (window.location.href = `/oauth2?return_url=${encodeURIComponent(
+    return (window.location.href = `./oauth2?return_url=${encodeURIComponent(
       CURRENT_URL
     )}`);
   };

diff --git a/ui/pages/__tests__/Signin.test.tsx b/ui/pages/__tests__/Signin.test.tsx
@@ -1,4 +1,4 @@
-import { render, screen } from "@testing-library/react";
+import { render, screen, fireEvent } from "@testing-library/react";
 import * as React from "react";
 import { withContext, withTheme } from "../../lib/test-utils";
 import SignIn from "../SignIn";
@@ -17,6 +17,19 @@ const renderSignIn = (featureFlags: Record<string, string>) => {
 };
 
 describe("SignIn", () => {
+  const location = window.location;
+
+  beforeEach(() => {
+    Object.defineProperty(window, "location", {
+      writable: true,
+      value: { assign: jest.fn() },
+    });
+  });
+
+  afterEach(() => {
+    window.location = location;
+  });
+
   it("should show no buttons or user/password fields with no flags set", async () => {
     renderSignIn({});
     expect(screen.queryByText(defaultButtonLabel)).toBeNull();
@@ -35,6 +48,15 @@ describe("SignIn", () => {
     expect(screen.queryByText(defaultButtonLabel)).toBeTruthy();
   });
 
+  it("should redirect to the oauth2 endpoint with the correct return_url", async () => {
+    renderSignIn({ OIDC_AUTH: "true" });
+    fireEvent.click(screen.queryByText(defaultButtonLabel));
+
+    expect(window.location.href).toEqual(
+      "./oauth2?return_url=http%3A%2F%2Flocalhost"
+    );
+  });
+
   it("should show both buttons if both flags are set", async () => {
     renderSignIn({
       OIDC_AUTH: "true",