update state param handling to ueberauth v0.7.0

robuye · robuye · commit 8d52fdecb2b8 · 2021-07-04T18:30:49.000+02:00
From v0.7.0 Ueberauth core lib handles state validation and passing it
directly through params no longer works.

Fix is to load state using new `with_state_param` helper that was added
in 0.7.0.
diff --git a/lib/ueberauth/strategy/github.ex b/lib/ueberauth/strategy/github.ex
@@ -74,6 +74,7 @@ defmodule Ueberauth.Strategy.Github do
   use Ueberauth.Strategy,
     uid_field: :id,
     default_scope: "",
+    send_redirect_uri: true,
     oauth2_module: Ueberauth.Strategy.Github.OAuth
 
   alias Ueberauth.Auth.Info
@@ -87,22 +88,14 @@ defmodule Ueberauth.Strategy.Github do
   them as part of your url:
 
       "/auth/github?scope=user,public_repo,gist"
-
-  You can also include a `:state` param that github will return to you.
   """
-  def handle_request!(conn) do
-    scopes = conn.params["scope"] || option(conn, :default_scope)
-    send_redirect_uri = Keyword.get(options(conn), :send_redirect_uri, true)
-
-    opts =
-      if send_redirect_uri do
-        [redirect_uri: callback_url(conn), scope: scopes]
-      else
-        [scope: scopes]
-      end
 
+  def handle_request!(conn) do
     opts =
-      if conn.params["state"], do: Keyword.put(opts, :state, conn.params["state"]), else: opts
+      []
+      |> with_scopes(conn)
+      |> with_state_param(conn)
+      |> with_redirect_uri(conn)
 
     module = option(conn, :oauth2_module)
     redirect!(conn, apply(module, :authorize_url!, [opts]))
@@ -279,4 +272,18 @@ defmodule Ueberauth.Strategy.Github do
   defp option(conn, key) do
     Keyword.get(options(conn), key, Keyword.get(default_options(), key))
   end
+
+  defp with_scopes(opts, conn) do
+    scopes = conn.params["scope"] || option(conn, :default_scope)
+
+    opts |> Keyword.put(:scope, scopes)
+  end
+
+  defp with_redirect_uri(opts, conn) do
+    if option(conn, :send_redirect_uri) do
+      opts |> Keyword.put(:redirect_uri, callback_url(conn))
+    else
+      opts
+    end
+  end
 end
diff --git a/mix.exs b/mix.exs
@@ -27,7 +27,7 @@ defmodule Ueberauth.Github.Mixfile do
   defp deps do
     [
       {:oauth2, "~> 1.0 or ~> 2.0"},
-      {:ueberauth, "~> 0.6.0"},
+      {:ueberauth, "~> 0.7.0"},
       {:credo, "~> 0.8", only: [:dev, :test], runtime: false},
       {:ex_doc, ">= 0.0.0", only: :dev, runtime: false}
     ]

Original file line number	Diff line number	Diff line change
`@@ -27,7 +27,7 @@ defmodule Ueberauth.Github.Mixfile do`
`27`	`27`	`defp deps do`
`28`	`28`	`[`
`29`	`29`	`{:oauth2, "~> 1.0 or ~> 2.0"},`
`30`		`- {:ueberauth, "~> 0.6.0"},`
	`30`	`+ {:ueberauth, "~> 0.7.0"},`
`31`	`31`	`{:credo, "~> 0.8", only: [:dev, :test], runtime: false},`
`32`	`32`	`{:ex_doc, ">= 0.0.0", only: :dev, runtime: false}`
`33`	`33`	`]`