From 4c48410e2ddb21bf477f86b9cb8739a52cb00f1b Mon Sep 17 00:00:00 2001
From: Kanji Keraliya
Date: Sat, 14 Aug 2021 11:55:43 +0530
Subject: [PATCH] Fixed: Office 365 integration redirection url issue
---
 pages/api/integrations/office365calendar/add.ts | 7 +------
 pages/api/integrations/office365calendar/callback.ts | 3 +--
 2 files changed, 2 insertions(+), 8 deletions(-)
diff --git a/pages/api/integrations/office365calendar/add.ts b/pages/api/integrations/office365calendar/add.ts
index 02e695a321..24f4d1d09c 100644
--- a/pages/api/integrations/office365calendar/add.ts
+++ b/pages/api/integrations/office365calendar/add.ts
@@ -21,13 +21,8 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 }
 });
- const hostname = 'x-forwarded-host' in req.headers ? 'https://' + req.headers['x-forwarded-host'] : 'host' in req.headers ? (req.secure ? 'https://' : 'http://') + req.headers['host'] : '';
- if ( ! hostname || ! req.headers.referer.startsWith(hostname)) {
- throw new Error('Unable to determine external url, check server settings');
- }
-
 function generateAuthUrl() {
- return 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&scope=' + scopes.join(' ') + '&client_id=' + process.env.MS_GRAPH_CLIENT_ID + '&redirect_uri=' + hostname + '/api/integrations/office365calendar/callback';
+ return 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code&scope=' + scopes.join(' ') + '&client_id=' + process.env.MS_GRAPH_CLIENT_ID + '&redirect_uri=' + process.env.BASE_URL + '/api/integrations/office365calendar/callback';
 }
 res.status(200).json({url: generateAuthUrl() });
diff --git a/pages/api/integrations/office365calendar/callback.ts b/pages/api/integrations/office365calendar/callback.ts
index 137157b0f2..71581a2df0 100644
--- a/pages/api/integrations/office365calendar/callback.ts
+++ b/pages/api/integrations/office365calendar/callback.ts
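Review bot: `process.env.BASE_URL` is concatenated into `redirect_uri` inside `generateAuthUrl()` with no check that it is set, so a missing variable produces `undefined/api/integrations/office365calendar/callback` where the removed code threw; the callback.ts hunk reads the same variable unguarded. Taking the origin from configuration rather than from `X-Forwarded-Host`/`Host` is the safer source, so the guard is the only protection lost here. The authorize URL also still passes `scope` and `redirect_uri` unencoded. As far as this hunk shows, it carries no `state` value, so the callback has nothing to tie the returned code to the session that started the flow; issuing and verifying `state` would span both files and is not sketched below. The handler begins and ends outside the hunk.

```typescript
// … unchanged: session check and credential lookup …
const baseUrl = process.env.BASE_URL;
if (!baseUrl) {
  throw new Error('BASE_URL is not set; cannot build the OAuth redirect URI');
}
const redirectUri = baseUrl + '/api/integrations/office365calendar/callback';

function generateAuthUrl() {
  return 'https://login.microsoftonline.com/common/oauth2/v2.0/authorize?response_type=code' +
    '&scope=' + encodeURIComponent(scopes.join(' ')) +
    '&client_id=' + process.env.MS_GRAPH_CLIENT_ID +
    '&redirect_uri=' + encodeURIComponent(redirectUri);
}
// … unchanged: res.status(200).json({url: generateAuthUrl() }) …
```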
@@ -11,9 +11,8 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
 if (!session) { res.status(401).json({message: 'You must be logged in to do this'}); return; }
 const toUrlEncoded = payload => Object.keys(payload).map( (key) => key + '=' + encodeURIComponent(payload[ key ]) ).join('&');
- const hostname = 'x-forwarded-host' in req.headers ? 'https://' + req.headers['x-forwarded-host'] : 'host' in req.headers ? (req.secure ? 'https://' : 'http://') + req.headers['host'] : '';
- const body = toUrlEncoded({ client_id: process.env.MS_GRAPH_CLIENT_ID, grant_type: 'authorization_code', code, scope: scopes.join(' '), redirect_uri: hostname + '/api/integrations/office365calendar/callback', client_secret: process.env.MS_GRAPH_CLIENT_SECRET });
+ const body = toUrlEncoded({ client_id: process.env.MS_GRAPH_CLIENT_ID, grant_type: 'authorization_code', code, scope: scopes.join(' '), redirect_uri: process.env.BASE_URL + '/api/integrations/office365calendar/callback', client_secret: process.env.MS_GRAPH_CLIENT_SECRET });
 const response = await fetch('https://login.microsoftonline.com/common/oauth2/v2.0/token', { method: 'POST', headers: { 'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8',