From fff0a790fa111682e417599403a3a349d9770e08 Mon Sep 17 00:00:00 2001
From: Kamil Kisiela <kamil.kisiela@gmail.com>
Date: Tue, 9 Jul 2024 18:33:39 +0200
Subject: [PATCH] Ignore redirectToPath for Okta and OIDC (#5186)

---
 .../api/src/modules/alerts/providers/adapters/slack.ts   | 9 ++++-----
 .../src/lib/supertokens/start-auth-flow-for-provider.ts  | 4 +++-
 .../third-party-email-password-react-oidc-provider.ts    | 4 ++--
 packages/web/app/src/pages/auth-oidc.tsx                 | 2 +-
 4 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/packages/services/api/src/modules/alerts/providers/adapters/slack.ts b/packages/services/api/src/modules/alerts/providers/adapters/slack.ts
index a48987d5e..f3485f3a1 100644
--- a/packages/services/api/src/modules/alerts/providers/adapters/slack.ts
+++ b/packages/services/api/src/modules/alerts/providers/adapters/slack.ts
@@ -7,7 +7,6 @@ import { WEB_APP_URL } from '../../../shared/providers/tokens';
 import {
   ChannelConfirmationInput,
   CommunicationAdapter,
-  createMDLink,
   SchemaChangeNotificationInput,
   slackCoderize,
 } from './common';
@@ -44,15 +43,15 @@ export class SlackCommunicationAdapter implements CommunicationAdapter {
       const client = new WebClient(input.integrations.slack.token, {});
 
       const totalChanges = input.event.changes.length + input.event.messages.length;
-      const projectLink = createMDLink({
+      const projectLink = this.createLink({
         text: input.event.project.name,
         url: `${this.appBaseUrl}/${input.event.organization.cleanId}/${input.event.project.cleanId}`,
       });
-      const targetLink = createMDLink({
+      const targetLink = this.createLink({
         text: input.event.target.name,
         url: `${this.appBaseUrl}/${input.event.organization.cleanId}/${input.event.project.cleanId}/${input.event.target.cleanId}`,
       });
-      const viewLink = createMDLink({
+      const viewLink = this.createLink({
         text: 'view details',
         url: `${this.appBaseUrl}/${input.event.organization.cleanId}/${input.event.project.cleanId}/${input.event.target.cleanId}/history/${input.event.schema.id}`,
       });
@@ -107,7 +106,7 @@ export class SlackCommunicationAdapter implements CommunicationAdapter {
         : `I will no longer send here notifications`;
 
     try {
-      const projectLink = createMDLink({
+      const projectLink = this.createLink({
         text: input.event.project.name,
         url: `${this.appBaseUrl}/${input.event.organization.cleanId}/${input.event.project.cleanId}`,
       });
diff --git a/packages/web/app/src/lib/supertokens/start-auth-flow-for-provider.ts b/packages/web/app/src/lib/supertokens/start-auth-flow-for-provider.ts
index 1ff49edde..c3a759859 100644
--- a/packages/web/app/src/lib/supertokens/start-auth-flow-for-provider.ts
+++ b/packages/web/app/src/lib/supertokens/start-auth-flow-for-provider.ts
@@ -12,10 +12,12 @@ export const startAuthFlowForProvider = async (
     throw new Error(`Provider for ${thirdPartyId} is not configured`);
   }
 
+  const providersWithRedirectPartSupport = ['github'];
+
   // Google does not support ?redirectToPath= query param.
   // It gives back an error saying that the redirect_uri is not allowed.
   const redirectPart =
-    redirectToPath && thirdPartyId !== 'google'
+    redirectToPath && providersWithRedirectPartSupport.includes(thirdPartyId)
       ? `?redirectToPath=${encodeURIComponent(redirectToPath)}`
       : '';
   const authUrl = await getAuthorisationURLWithQueryParamsAndSetState({
diff --git a/packages/web/app/src/lib/supertokens/third-party-email-password-react-oidc-provider.ts b/packages/web/app/src/lib/supertokens/third-party-email-password-react-oidc-provider.ts
index cbdb9e842..d4d3caa7e 100644
--- a/packages/web/app/src/lib/supertokens/third-party-email-password-react-oidc-provider.ts
+++ b/packages/web/app/src/lib/supertokens/third-party-email-password-react-oidc-provider.ts
@@ -69,10 +69,10 @@ export const getOIDCOverrides = (): UserInput['override'] => ({
   }),
 });
 
-export const startAuthFlowForOIDCProvider = async (oidcId: string, redirectToPath: string) => {
+export const startAuthFlowForOIDCProvider = async (oidcId: string) => {
   const authUrl = await getAuthorisationURLWithQueryParamsAndSetState({
     thirdPartyId: 'oidc',
-    frontendRedirectURI: `${env.appBaseUrl}/auth/callback/oidc?redirectToPath=${encodeURIComponent(redirectToPath)}`,
+    frontendRedirectURI: `${env.appBaseUrl}/auth/callback/oidc`,
     // The user context is very important - we store the OIDC ID so we can use it later on.
     userContext: {
       oidcId,
diff --git a/packages/web/app/src/pages/auth-oidc.tsx b/packages/web/app/src/pages/auth-oidc.tsx
index 8f5be3542..3ec9defce 100644
--- a/packages/web/app/src/pages/auth-oidc.tsx
+++ b/packages/web/app/src/pages/auth-oidc.tsx
@@ -15,7 +15,7 @@ function AuthOIDC(props: { oidcId: string; redirectToPath: string }) {
         throw new Error('OIDC provider is not configured');
       }
 
-      await startAuthFlowForOIDCProvider(props.oidcId, props.redirectToPath);
+      await startAuthFlowForOIDCProvider(props.oidcId);
     },
   });