mirror of https://github.com/maybe-finance/maybe.git synced 2025-08-05 13:35:21 +02:00

Fix OAuth mobile app support with custom URL schemes

- Configure Doorkeeper to allow custom URL schemes (maybeapp://)
- Disable force_ssl_in_redirect_uri to support non-HTTPS schemes
- Add custom Doorkeeper views with mobile OAuth detection
- Disable Turbo for mobile OAuth flows to prevent redirect interference
- Add display parameter preservation through OAuth flow
- Create custom Doorkeeper layouts with proper styling
- Add comprehensive integration tests for mobile OAuth flows
- Ensure all OAuth pages use proper doorkeeper/application layout

This allows the mobile app to complete OAuth authorization flows
without the web app interfering with custom URL scheme redirects.

🤖 Generated with Claude Code

Co-Authored-By: Claude <noreply@anthropic.com>
Josh Pigford 2025-06-18 05:38:23 -05:00
parent 404066eaa1
commit cba0bdf0e2
17 changed files with 513 additions and 4 deletions

View file

@ -303,9 +303,8 @@ Doorkeeper.configure do
# #call can be used in order to allow conditional checks (to allow non-SSL
# redirects to localhost for example).
#
# force_ssl_in_redirect_uri !Rails.env.development?
#
# force_ssl_in_redirect_uri { |uri| uri.host != 'localhost' }
# Allow custom URL schemes for mobile apps
force_ssl_in_redirect_uri false
# Specify what redirect URI's you want to block during Application creation.
# Any redirect URI is allowed by default.
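Review bot: `force_ssl_in_redirect_uri false` switches the HTTPS requirement off for every redirect URI in every environment, although the stated goal is only to admit the mobile app's custom scheme. With this setting a plain `http://` callback can be registered in production, and the authorization code delivered to it would travel unencrypted. The comment block just above shows that the option accepts a block, so the relaxation can be scoped, for example `force_ssl_in_redirect_uri { |uri| uri.scheme.to_s.downcase != 'maybeapp' }`, with a localhost exception added if development needs one. The new comment should also say which scheme is meant instead of "custom URL schemes" in general.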
@ -313,7 +312,8 @@ Doorkeeper.configure do
# You can use this option in order to forbid URI's with 'javascript' scheme
# for example.
#
# forbid_redirect_uri { |uri| uri.scheme.to_s.downcase == 'javascript' }
# Block javascript URIs but allow custom schemes
forbid_redirect_uri { |uri| uri.scheme.to_s.downcase == 'javascript' }
# Allows to set blank redirect URIs for Applications in case Doorkeeper configured
# to use URI-less OAuth grant flows like Client Credentials or Resource Owner
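Review bot: the `forbid_redirect_uri` block is a denylist with a single entry, `javascript`, so every other scheme is accepted at application creation, and the comment "allow custom schemes" confirms that any scheme passes, not only the app's own. Since the commit message names exactly one custom scheme (`maybeapp://`), an allowlist is the tighter check: forbid any URI whose scheme is not in the expected set, e.g. `forbid_redirect_uri { |uri| !%w[https maybeapp].include?(uri.scheme.to_s.downcase) }`. That also rejects schemes such as `data` that the current block lets through.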

View file

@ -0,0 +1,6 @@
# Ensure Doorkeeper controllers use the correct layout
Rails.application.config.to_prepare do
Doorkeeper::AuthorizationsController.layout "doorkeeper/application"
Doorkeeper::AuthorizedApplicationsController.layout "doorkeeper/application"
Doorkeeper::ApplicationsController.layout "doorkeeper/application"
end
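Review bot: the leading comment says "correct layout" but not why the default is unsuitable or which flows depend on it, and the same layout is applied to `Doorkeeper::ApplicationsController` alongside the two user-facing controllers. If the layout carries the mobile-specific behaviour the commit message describes (Turbo disabled, display parameter handling), state that here and confirm it is intended for the application management pages as well as the consent screen. The three identical calls could also be collapsed into one loop over the controller list so that a controller added later is harder to miss.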