From 8407b2dd7c010ec93e59a26a74fd02021bf732fd Mon Sep 17 00:00:00 2001 From: Peng Xiao Date: Tue, 5 Sep 2023 20:54:17 +0800 Subject: [PATCH] fix: force reset callbackurl cookie in electron (#4199) --- apps/electron/src/main/deep-link.ts | 12 +++++++----- apps/electron/src/main/main-window.ts | 5 +++++ 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/apps/electron/src/main/deep-link.ts b/apps/electron/src/main/deep-link.ts index a31dac5804..cada04f5b3 100644 --- a/apps/electron/src/main/deep-link.ts +++ b/apps/electron/src/main/deep-link.ts @@ -7,6 +7,7 @@ import { logger } from './logger'; import { handleOpenUrlInHiddenWindow, mainWindowOrigin, + removeCookie, restoreOrCreateWindow, setCookie, } from './main-window'; @@ -92,11 +93,12 @@ async function handleOauthJwt(url: string) { }); // force reset next-auth.callback-url - await setCookie({ - url: CLOUD_BASE_URL, - httpOnly: true, - name: 'next-auth.callback-url', - }); + // there could be incorrect callback-url in cookie that will cause auth failure + // so we need to reset it to empty to mitigate this issue + await removeCookie( + CLOUD_BASE_URL, + isSecure ? '__Secure-next-auth.callback-url' : 'next-auth.callback-url' + ); // hacks to refresh auth state in the main window const window = await handleOpenUrlInHiddenWindow( diff --git a/apps/electron/src/main/main-window.ts b/apps/electron/src/main/main-window.ts index bf8b737f4e..633c8e5f62 100644 --- a/apps/electron/src/main/main-window.ts +++ b/apps/electron/src/main/main-window.ts @@ -203,6 +203,11 @@ export async function setCookie( await window.webContents.session.cookies.set(details); } +export async function removeCookie(url: string, name: string): Promise { + const window = await restoreOrCreateWindow(); + await window.webContents.session.cookies.remove(url, name); +} + export async function getCookie(url?: string, name?: string) { const window = await restoreOrCreateWindow(); const cookies = await window.webContents.session.cookies.get({