User API keys: payload and existing query string leads to a double question mark

blattersturm · 22 يوليو 2019، 10:55ص

If I call user-api-key/new with an auth_redirect already containing a query string (e.g. http://localhost:30120/auth-discourse?state=BASE64), I end up with a redirect URI along the likes of http://localhost:30120/auth-discourse?state=BASE64?payload=PAYLOAD - two query strings, and no & appending.

https://github.com/discourse/discourse/blob/888e68a1637ca784a7bf51a6bbb524dcf7413b13/app/controllers/user_api_keys_controller.rb#L96

This code might need to be changed to check if there’s already a query string in the URI, or perhaps use some URI builder?

eviltrout · 22 يوليو 2019، 1:41م

It does seem like the assumption the code makes is that it doesn’t already contain any query parameters. We’d be open to a PR to fix this.

saurabhp · 23 يوليو 2019، 3:50م

I have opened PR for this issue here:
https://github.com/discourse/discourse/pull/7923

saurabhp · 24 يوليو 2019، 2:37ص

PR has been merged. This topic can be closed

الموضوع		الردود	مرات العرض
Feasibility of allowing a User Api Key client to register a valid auth_redirect Dev	7	334	11 نوفمبر 2024
Redirect after login loses query params Dev	9	2025	8 يوليو 2019
Support wildcard in "allowed user api auth redirects" setting Feature	0	637	15 ديسمبر 2018
Per User API Keys Not Working Support	2	1165	2 سبتمبر 2021
Generating User Api Keys with REST API Dev rest-api	20	8502	8 أبريل 2018

User API keys: payload and existing query string leads to a double question mark

الموضوعات ذات الصلة