OAuth2 URL may already contain query parameters #1831
Description
Version
module: 5.0.0-1667386184.dfbbb54
nuxt: 2.15.8
Nuxt configuration
mode:
- universal
- spa
Nuxt configuration
auth: {
redirect: {
login: '/login',
logout: '/',
callback: '/callback',
home: '/',
},
strategies: {
azureadb2c: {
scheme: 'openIDConnect',
clientId: '<MyClientID>',
endpoints: {
configuration:
'https://<MyTenantName>.b2clogin.com/<MyTenantName>.onmicrosoft.com/v2.0/.well-known/openid-configuration?p=<MyFlowName>',
},
},
},
},
Reproduction
What is expected?
In some cases, authorization endpoint URL already contains query parameters. (e.g Azure AD B2C specifies "user flow name" by using query parameters)
If OAuth2 authorization endpoint URL contains '?' (=already has query params), this module should join options generated by this module to given URL with '&' ,not '?'.
auth-module/src/schemes/oauth2.ts
Line 306 in dfbbb54
What is actually happening?
Redirect to authorization endpoint fails because authorization URL is like this↓
https://example.com/oauth2/authorize ? given_param=something ? param_generated_by_this_module=something&other_param=...
"?" appears twice
Steps to reproduce
Set up Azure AD B2C and write configuration above
,or just specify authorization endpoint with some query parameters
auth: {
strategies: {
social: {
scheme: 'oauth2',
endpoints: {
authorization: 'https://accounts.google.com/o/oauth2/auth?someparameters=...',
...
Additional information
Checklist
- I have tested with the latest Nuxt version and the issue still occurs
- I have tested with the latest module version and the issue still occurs
- I have searched the issue tracker and this issue hasn't been reported yet