npm - bdy - Versions diffs - 1.22.23 → 1.22.24-beta - Mend

bdy 1.22.23 → 1.22.24-beta

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/distTs/package.json +1 -1
package/distTs/src/tunnel/tunnel.js +24 -0
package/package.json +1 -1

package/distTs/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "bdy",
   "preferGlobal": false,
-  "version": "1.22.23",
+  "version": "1.22.24-beta",
   "type": "commonjs",
   "license": "MIT",
   "scripts": {

package/distTs/src/tunnel/tunnel.js CHANGED Viewed

@@ -767,6 +767,26 @@ class Tunnel extends events_1.default {
             sameSite: 'lax',
         }));
     }
+    _checkHttpAuthTokenRedirect(req, res, code, state, accessToken, url) {
+        if ((code || accessToken) && state && url) {
+            const u2 = new URL(url);
+            const currentHost = req.headers['x-forwarded-host'] || req.headers.host || req.headers[':authority'] || '';
+            const currentUrl = `https://${currentHost}`;
+            const originalUrl = `https://${u2.host}`;
+            if (currentUrl !== originalUrl) {
+                let newUrl = `${originalUrl}?state=${encodeURIComponent(state)}`;
+                if (code)
+                    newUrl += `&code=${encodeURIComponent(code)}`;
+                else if (accessToken)
+                    newUrl += `&access_token=${encodeURIComponent(accessToken)}`;
+                this.httpEndFast(req, res, 302, 'Found', {
+                    location: newUrl,
+                });
+                return true;
+            }
+        }
+        return false;
+    }
     async _checkHttpAuthToken(code, verifier, token, req, res) {
         let fromCookie = false;
         if (code && verifier && !token) {
@@ -878,6 +898,10 @@ class Tunnel extends events_1.default {
             const state = searchParams.get('state') || '';
             const token = searchParams.get('access_token') || '';
             const { url, verifier } = this._httpDecryptState(state);
+            const redirectByAuthToken = this._checkHttpAuthTokenRedirect(req, res, code, state, token, url);
+            if (redirectByAuthToken) {
+                return false;
+            }
             const authByToken = await this._checkHttpAuthToken(code, verifier || '', token, req, res);
             if (authByToken) {
                 if (url) {

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "bdy",
   "preferGlobal": false,
-  "version": "1.22.23",
+  "version": "1.22.24-beta",
   "type": "commonjs",
   "license": "MIT",
   "scripts": {