Improve some front end views. More descriptive error condition reporting. Updates to CLINCH_HOST for better WEBAUTHN

2025-11-12 16:24:05 +11:00
parent 33ad956508
commit 67f28faaca
12 changed files with 114 additions and 24 deletions
--- a/app/controllers/concerns/authentication.rb
+++ b/app/controllers/concerns/authentication.rb
@@ -134,13 +134,16 @@ module Authentication
        original_url = controller_session[:return_to_after_authenticating]
        uri = URI.parse(original_url)

-        # Add token as query parameter
-        query_params = URI.decode_www_form(uri.query || "").to_h
-        query_params['fa_token'] = token
-        uri.query = URI.encode_www_form(query_params)
+        # Skip adding fa_token for OAuth URLs (OAuth flow should not have forward auth tokens)
+        unless uri.path&.start_with?("/oauth/")
+          # Add token as query parameter
+          query_params = URI.decode_www_form(uri.query || "").to_h
+          query_params['fa_token'] = token
+          uri.query = URI.encode_www_form(query_params)

-        # Update the session with the tokenized URL
-        controller_session[:return_to_after_authenticating] = uri.to_s
+          # Update the session with the tokenized URL
+          controller_session[:return_to_after_authenticating] = uri.to_s
+        end
      end
    end
 end