Fix OAuth mobile app support with custom URL schemes
- Configure Doorkeeper to allow custom URL schemes (maybeapp://)
- Disable force_ssl_in_redirect_uri to support non-HTTPS schemes
- Add custom Doorkeeper views with mobile OAuth detection
- Disable Turbo for mobile OAuth flows to prevent redirect interference
- Add display parameter preservation through OAuth flow
- Create custom Doorkeeper layouts with proper styling
- Add comprehensive integration tests for mobile OAuth flows
- Ensure all OAuth pages use proper doorkeeper/application layout
This allows the mobile app to complete OAuth authorization flows
without the web app interfering with custom URL scheme redirects.
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
parent
404066eaa1
commit
cba0bdf0e2
17 changed files with 513 additions and 4 deletions
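--- /dev/null
+++ b/test/integration/oauth_mobile_test.rb
@@ -0,0 +1,75 @@
+# frozen_string_literal: true
+
+require "test_helper"
+
+class OauthMobileTest < ActionDispatch::IntegrationTest
+  setup do
+    @user = users(:empty)
+    sign_in(@user)
+
+    @oauth_app = Doorkeeper::Application.create!(
+      name: "Maybe Mobile App",
+      redirect_uri: "maybeapp://oauth/callback",
+      scopes: "read"
+    )
+  end
+
+  test "mobile oauth authorization with custom scheme redirect" do
+    get "/oauth/authorize", params: {
+      client_id: @oauth_app.uid,
+      redirect_uri: @oauth_app.redirect_uri,
+      response_type: "code",
+      scope: "read",
+      display: "mobile"
+    }
+
+    assert_response :success
+
+    # Check that Turbo is disabled in the form
+    assert_match(/data-turbo="false"/, response.body)
+    assert_match(/maybeapp:\/\/oauth\/callback/, response.body)
+  end
+
+  test "mobile oauth detects custom scheme in redirect_uri" do
+    get "/oauth/authorize", params: {
+      client_id: @oauth_app.uid,
+      redirect_uri: "maybeapp://oauth/callback",
+      response_type: "code",
+      scope: "read"
+    }
+
+    assert_response :success
+
+    # Should detect mobile flow from redirect_uri
+    assert_match(/data-turbo="false"/, response.body)
+  end
+
+  test "mobile oauth authorization flow completes successfully" do
+    post "/oauth/authorize", params: {
+      client_id: @oauth_app.uid,
+      redirect_uri: @oauth_app.redirect_uri,
+      response_type: "code",
+      scope: "read",
+      display: "mobile"
+    }
+
+    # Should redirect to the custom scheme
+    assert_response :redirect
+    assert response.location.start_with?("maybeapp://oauth/callback")
+  end
+
+  test "mobile oauth preserves display parameter through forms" do
+    get "/oauth/authorize", params: {
+      client_id: @oauth_app.uid,
+      redirect_uri: @oauth_app.redirect_uri,
+      response_type: "code",
+      scope: "read",
+      display: "mobile"
+    }
+
+    assert_response :success
+
+    # Check that display parameter is preserved in hidden fields
+    assert_match(/<input[^>]*name="display"[^>]*value="mobile"/, response.body)
+  end
+end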
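Review bot: None of these tests guards the regression that the description's "Disable force_ssl_in_redirect_uri" change can introduce: every case registers `maybeapp://oauth/callback`, so nothing asserts that a plain `http://` redirect URI on a non-loopback host is still rejected once SSL is no longer forced. If the option was set to false outright rather than a block that only exempts non-http(s) schemes, such URIs become registrable and this suite would stay green, so a model-level test like the one below would pin the intended policy (the config change itself is outside this file). Separately, the "completes successfully" test only checks `response.location.start_with?("maybeapp://oauth/callback")`, which a Doorkeeper error redirect to the same URI also satisfies; tightening it to `assert_match(%r{\Amaybeapp://oauth/callback\?code=}, response.location)` would distinguish a granted authorization code from an `error=` redirect.
```ruby
  test "plain http redirect_uri is still rejected for non-loopback hosts" do
    # constructed sample host; the scheme, not the host, is what the policy must reject
    app = Doorkeeper::Application.new(
      name: "Insecure App",
      redirect_uri: "http://example.com/oauth/callback",
      scopes: "read"
    )
    assert_not app.valid?
    assert app.errors[:redirect_uri].any?
  end
```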