client_id > auth_client_id #57

dwyl · Apr 29, 2020 · 333ae6c · 333ae6c
1 parent 0f11599
commit 333ae6c
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 10 deletions.
diff --git a/lib/auth_web/controllers/auth_controller.ex b/lib/auth_web/controllers/auth_controller.ex
@@ -19,6 +19,7 @@ defmodule AuthWeb.AuthController do
   `google_handler/2` handles the callback from Google Auth API redirect.
   """
   def google_handler(conn, %{"code" => code, "state" => state}) do
+    IO.inspect(state, label: "state:22")
     {:ok, token} = ElixirAuthGoogle.get_token(code, conn)
     {:ok, profile} = ElixirAuthGoogle.get_user_profile(token.access_token)
 
@@ -91,8 +92,8 @@ defmodule AuthWeb.AuthController do
   """
   def get_client_secret_from_state(state) do
     query = URI.decode_query(state)
-    # IO.inspect(query, label: "query")
-    client_id = Map.get(query, "client_id")
+    IO.inspect(query, label: "query")
+    client_id = Map.get(query, "auth_client_id")
     IO.inspect(client_id, label: "client_id")
     case not is_nil(client_id) do
       true -> # Lookup client_id in apikeys table

diff --git a/lib/auth_web/controllers/page_controller.ex b/lib/auth_web/controllers/page_controller.ex
@@ -21,7 +21,7 @@ defmodule AuthWeb.PageController do
   end
 
   def append_client_id(ref, client_id) do
-    ref <> "?client_id=" <> client_id
+    ref <> "&client_id=" <> client_id
   end
 
   def get_referer(conn) do
@@ -36,20 +36,20 @@ defmodule AuthWeb.PageController do
             query = URI.decode_query(conn.query_string)
             ref = Map.get(query, "referer")
             client_id = get_client_id_from_query(conn)
-            ref |> append_client_id(client_id)
+            ref |> URI.encode |> append_client_id(client_id)
 
           false -> # no referer, redirect back to Auth app.
-            AuthPlug.Helpers.get_baseurl_from_conn(conn)
-            <> "/profile?client_id" <> AuthPlug.Token.client_id()
+            AuthPlug.Helpers.get_baseurl_from_conn(conn) <> "/profile"
+            |> URI.encode
+            |> append_client_id(AuthPlug.Token.client_id())
         end
     end
-    |> URI.encode |> IO.inspect(label: "referer")
   end
 
   def get_client_id_from_query(conn) do
-    case conn.query_string =~ "client_id" do
+    case conn.query_string =~ "auth_client_id" do
       true ->
-        Map.get(URI.decode_query(conn.query_string), "client_id")
+        Map.get(URI.decode_query(conn.query_string), "auth_client_id")
       false -> # no client_id, redirect back to this app.
         0
     end

diff --git a/test/auth_web/controllers/auth_controller_test.exs b/test/auth_web/controllers/auth_controller_test.exs
@@ -12,7 +12,7 @@ defmodule AuthWeb.AuthControllerTest do
 
   test "google_handler/2 for google auth callback", %{conn: conn} do
     conn = get(conn, "/auth/google/callback",
-      %{code: "234", state: "http://localhost:4000/" <>
+      %{code: "234", state: "http://localhost:4000" <>
       "&client_id=" <> AuthPlug.Token.client_id() })
 
     # assert html_response(conn, 200) =~ "[email protected]"