Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Query params are unnecessary cleared in redirect-uri when using redirection strategy #13

Merged
merged 8 commits into from
Sep 7, 2023
Merged

Query params are unnecessary cleared in redirect-uri when using redirection strategy #13

merged 8 commits into from
Sep 7, 2023

Conversation

wojciechdudek-livechat
Copy link
Collaborator

@wojciechdudek-livechat wojciechdudek-livechat commented Aug 25, 2023
edited
Loading

Products SDK issue:
livechat/products-sdk#19

Also reported by 99bits.

@wojciechdudek-livechat wojciechdudek-livechat changed the title Query params are unnecessary cleared in redirect-uri when using redir… Query params are unnecessary cleared in redirect-uri when using redirection strategy Aug 25, 2023
morus12
morus12 reviewed Aug 31, 2023
View reviewed changes
src/sdk.js
@@ -114,9 +118,12 @@ export default class AccountsSDK {
authorizeURL(options = {}, flow = '') {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add a new option called preserveOriginalHref set by default to false and run the persister logic only when explicitly set to true by the customer?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As we discussed - IMO it isn't feature, it's fix and it should apply to default behaviour because if not then communication between agent-app and developer-app gets broken.

src/sdk.js
if (!localOptions.redirect_uri) {
localOptions.redirect_uri =
window.location.origin + window.location.pathname;
localOptions.redirect_uri = window.location.href;
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This change is no longer required. Href contains document fragments, we shouldn't use it here.
Let's use old redirect URIs and persist href in a different way.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also as we discussed - it's actually needed, but it doesn't matter because later on rediect_uri gets cut properly (query and hash params are removed).

src/sdk.js
@@ -176,7 +183,10 @@ export default class AccountsSDK {
}

this.transaction.generate(params);
this.redirectUriParamsPersister.persist(params);
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use window.location.href here and change the underlying implementation.

Suggested change
this.redirectUriParamsPersister.persist(params);
if (preserveOriginalHref) {
this.hrefPerister.persist(window.location.href);
}

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We shouldn't rely on window.location.href. We should persist params directly taken from redirect_uri which can be passed by:

  • sdk config
  • or autorization strategy config
  • or is taken from window.location.href as fallback

@wojciechdudek-livechat wojciechdudek-livechat force-pushed the crearing-query-params-in-redirect-uri branch from 94a242d to c4a295e Compare September 7, 2023 06:32
@wojciechdudek-livechat wojciechdudek-livechat merged commit cf9805a into master Sep 7, 2023
@wojciechdudek-livechat wojciechdudek-livechat mentioned this pull request Sep 28, 2023
Open
@mreszke mreszke deleted the crearing-query-params-in-redirect-uri branch December 29, 2023 08:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@morus12 morus12 morus12 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@wojciechdudek-livechat @morus12