Commit 1f188236 authored by Stan Hu's avatar Stan Hu

Downcase aliased OAuth2 callback providers

Users may specify an OAuth2 callback with a custom name, such as
AWSCognito, but Rails will reject this with the following message:

'import/AWSCognito' is not a supported controller name. This can
lead to potential routing problems. See

To avoid these errors, we can just downcase all the provider names.
Note that this will make it impossible to specify a duplicate name with
different cases.

parent dd26a9ad
title: Downcase aliased OAuth2 callback providers
merge_request: 24877
type: fixed
# Alias import callbacks under the /users/auth endpoint so that
# the OAuth2 callback URL can be restricted under
# instead of
Devise.omniauth_providers.each do |provider| do |provider|
next if provider == 'ldapmain'
get "/users/auth/-/import/#{provider}/callback", to: "import/#{provider}#callback", as: "users_import_#{provider}_callback"
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment