({ url, baseUrl })
| 105 | return session |
| 106 | }, |
| 107 | async redirect({ url, baseUrl }) { |
| 108 | const potentialRedirectUrl = new URL(url, baseUrl) |
| 109 | const authCode = potentialRedirectUrl.searchParams.get('auth_code') |
| 110 | |
| 111 | if (authCode) { |
| 112 | if (!isCliAuthCodeCandidate(authCode)) { |
| 113 | const searchParamKeys = Array.from( |
| 114 | potentialRedirectUrl.searchParams.keys(), |
| 115 | ).sort() |
| 116 | logger.warn( |
| 117 | { |
| 118 | authCodeLength: authCode.length, |
| 119 | authCodeTrimmedLength: authCode.trim().length, |
| 120 | authCodeHashPrefix: getCliAuthCodeHashPrefix(authCode), |
| 121 | authCodeParamCount: |
| 122 | potentialRedirectUrl.searchParams.getAll('auth_code').length, |
| 123 | searchParamKeys, |
| 124 | searchParamCount: searchParamKeys.length, |
| 125 | hasCallbackUrlParam: searchParamKeys.includes('callbackUrl'), |
| 126 | hasCodeParam: searchParamKeys.includes('code'), |
| 127 | hasRedirectParam: searchParamKeys.includes('redirect'), |
| 128 | dotCount: authCode.match(/\./g)?.length ?? 0, |
| 129 | hyphenCount: authCode.match(/-/g)?.length ?? 0, |
| 130 | redirectUrlOrigin: potentialRedirectUrl.origin, |
| 131 | baseUrl, |
| 132 | }, |
| 133 | 'Freebuff auth redirect received non-CLI-shaped auth_code', |
| 134 | ) |
| 135 | return baseUrl |
| 136 | } |
| 137 | |
| 138 | const onboardUrl = new URL(`${baseUrl}/onboard`) |
| 139 | onboardUrl.search = getCliAuthOnboardSearchParams( |
| 140 | potentialRedirectUrl.searchParams, |
| 141 | authCode, |
| 142 | ).toString() |
| 143 | return onboardUrl.toString() |
| 144 | } |
| 145 | |
| 146 | if (url.startsWith('/') || potentialRedirectUrl.origin === baseUrl) { |
| 147 | return potentialRedirectUrl.toString() |
| 148 | } |
| 149 | |
| 150 | return baseUrl |
| 151 | }, |
| 152 | }, |
| 153 | events: { |
| 154 | createUser: async ({ user }) => { |
no test coverage detected