remove auth params from url after login attempt (#25664)
parent
51baaf6667
commit
6bbc2b8238
|
@ -75,13 +75,17 @@ function makeRegistrationUrl(params: QueryDict): string {
|
||||||
|
|
||||||
function onTokenLoginCompleted(): void {
|
function onTokenLoginCompleted(): void {
|
||||||
// if we did a token login, we're now left with the token, hs and is
|
// if we did a token login, we're now left with the token, hs and is
|
||||||
// url as query params in the url; a little nasty but let's redirect to
|
// url as query params in the url;
|
||||||
// clear them.
|
// if we did an oidc authorization code flow login, we're left with the auth code and state
|
||||||
|
// as query params in the url;
|
||||||
|
// a little nasty but let's redirect to clear them.
|
||||||
const url = new URL(window.location.href);
|
const url = new URL(window.location.href);
|
||||||
|
|
||||||
url.searchParams.delete("loginToken");
|
url.searchParams.delete("loginToken");
|
||||||
|
url.searchParams.delete("state");
|
||||||
|
url.searchParams.delete("code");
|
||||||
|
|
||||||
logger.log(`Redirecting to ${url.href} to drop loginToken from queryparams`);
|
logger.log(`Redirecting to ${url.href} to drop delegated authentication params from queryparams`);
|
||||||
window.history.replaceState(null, "", url.href);
|
window.history.replaceState(null, "", url.href);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue