UNPKG

@auth/core

Version:

Authentication for the Web.

authjs.dev

nextauthjs/next-auth

35 lines (28 loc) 1.05 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
import { InvalidCheck } from "../../errors.js" import { decodeState } from "./checks.js" import type { OAuthConfigInternal } from "../../providers/oauth.js" import type { InternalOptions, RequestInternal } from "../../types.js" /** * When the authorization flow contains a state, we check if it's a redirect proxy * and if so, we return the random state and the original redirect URL. */ export function handleState( query: RequestInternal["query"], provider: OAuthConfigInternal<any>, isOnRedirectProxy: InternalOptions["isOnRedirectProxy"] ) { let randomState: string | undefined let proxyRedirect: string | undefined if (provider.redirectProxyUrl && !query?.state) { throw new InvalidCheck( "Missing state in query, but required for redirect proxy" ) } const state = decodeState(query?.state) randomState = state?.random if (isOnRedirectProxy) { if (!state?.origin) return { randomState } proxyRedirect = `${state.origin}?${new URLSearchParams(query)}` } return { randomState, proxyRedirect } }