groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(GRO-424): move reinitAuth to active router, add SSRF timeout, fix trailing slash

Browse Source 
- Add reinitAuth() import and calls to routes/authProvider.ts (active router)
  instead of routes/admin/authProvider.ts (dead code, not imported)
- Add AbortSignal.timeout(10_000) to fetch in setup auth-provider/test endpoint
- Add .replace(/\/$/, "") to strip trailing slash from internalBaseUrl
- Delete dead routes/admin/authProvider.ts

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
groombook-engineer[bot]
2026-04-03 11:29:27 +00:00
parent 3f23781493
commit ae920aa347
3 changed files with 6 additions and 197 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/api/src/routes/setup.ts
+2 -2
View File
@@ -210,11 +210,11 @@ setupRouter.post("/auth-provider/test", async (c) => {
// Determine the discovery URL
const discoveryUrl = body.internalBaseUrl
? `${body.internalBaseUrl}/application/o/.well-known/openid-configuration`
? `${body.internalBaseUrl.replace(/\/$/, "")}/application/o/.well-known/openid-configuration`
: `${body.issuerUrl}/.well-known/openid-configuration`;
try {
const res = await fetch(discoveryUrl, { method: "GET" });
const res = await fetch(discoveryUrl, { method: "GET", signal: AbortSignal.timeout(10_000) });
if (!res.ok) {
return c.json({
ok: false,