fix

bitfoundation · Dec 28, 2024 · 9667eac · 9667eac
1 parent 92c6732
commit 9667eac
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/...src/Server/Boilerplate.Server.Api/Controllers/Identity/IdentityController.SocialSignIn.cs b/...src/Server/Boilerplate.Server.Api/Controllers/Identity/IdentityController.SocialSignIn.cs
@@ -11,14 +11,17 @@ public partial class IdentityController
     [HttpGet]
     public async Task<string> GetSocialSignInUri(string provider, string? returnUrl = null, int? localHttpPort = null, CancellationToken cancellationToken = default)
     {
-        var uri = Url.Action(nameof(SocialSignIn), new { provider, returnUrl, localHttpPort })!;
+        var uri = Url.Action(nameof(SocialSignIn), new { provider, returnUrl, localHttpPort, origin = Request.GetWebAppUrl() })!;
         return new Uri(Request.GetBaseUrl(), uri).ToString();
     }
 
     [HttpGet]
-    public async Task<ActionResult> SocialSignIn(string provider, string? returnUrl = null, int? localHttpPort = null)
+    public async Task<ActionResult> SocialSignIn(string provider,
+        string? returnUrl = null, /* Specifies the relative page address to navigate to after completion. */
+        int? localHttpPort = null, /* Defines the local HTTP server port awaiting the social sign-in result on Windows/macOS versions of the app. */
+        [FromQuery] string? origin = null /* Indicates the base address URL for redirection after the process completes. */ )
     {
-        var redirectUrl = Url.Action(nameof(SocialSignInCallback), "Identity", new { returnUrl, localHttpPort });
+        var redirectUrl = Url.Action(nameof(SocialSignInCallback), "Identity", new { returnUrl, localHttpPort, origin });
         var properties = signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
         return new ChallengeResult(provider, properties);
     }

diff --git a/...ate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Extensions/HttpRequestExtensions.cs b/...ate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Extensions/HttpRequestExtensions.cs
@@ -8,8 +8,7 @@ internal static Uri GetWebAppUrl(this HttpRequest req)
     {
         var settings = req.HttpContext.RequestServices.GetRequiredService<ServerApiSettings>();
 
-        if (req.Headers["X-Origin"].Union(req.Headers.Origin).Union(req.Headers.Referer)
-            .FirstOrDefault(origin => string.IsNullOrEmpty(origin) is false && settings.IsAllowedOrigin(origin)) is string validOrigin)
+        if (req.Headers["X-Origin"].Union(req.Query["origin"]).FirstOrDefault(origin => string.IsNullOrEmpty(origin) is false && settings.IsAllowedOrigin(origin)) is string validOrigin)
         {
             return new Uri(validOrigin);
         }