Update consent component to use http requests directly and support cu…

…stom base path
RADAR-base · Oct 8, 2024 · 6546a73 · 6546a73
1 parent 3548a82
commit 6546a73
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 30 deletions.
diff --git a/pages/api/consent.ts b/pages/api/consent.ts
@@ -1,15 +1,7 @@
-import { Configuration, OAuth2Api } from "@ory/client"
 import { NextApiRequest, NextApiResponse } from "next"
+import axios from "axios" // Using axios for HTTP requests
 
-const hydra = new OAuth2Api(
-  new Configuration({
-    basePath: process.env.HYDRA_ADMIN_URL,
-    baseOptions: {
-      "X-Forwarded-Proto": "https",
-      withCredentials: true,
-    },
-  }),
-)
+const baseURL = process.env.HYDRA_ADMIN_URL 
 
 // Helper function to extract session data
 const extractSession = (identity: any, grantScope: string[]) => {
@@ -33,40 +25,49 @@ export default async (req: NextApiRequest, res: NextApiResponse) => {
   try {
     if (req.method === "GET") {
       const { consent_challenge } = req.query
-      const response = await hydra.getOAuth2ConsentRequest({
-        consentChallenge: String(consent_challenge),
-      })
+      const response = await axios.get(
+        `${baseURL}/oauth2/auth/requests/consent`,
+        {
+          params: {
+            consent_challenge: String(consent_challenge),
+          },
+        },
+      )
       return res.status(200).json(response.data)
     } else {
       if (!consentChallenge || !consentAction) {
         return res.status(400).json({ error: "Missing required parameters" })
       }
       if (consentAction === "accept") {
-        const { data: body } = await hydra.getOAuth2ConsentRequest({
-          consentChallenge,
-        })
+        const { data: body } = await axios.get(
+          `${baseURL}/oauth2/auth/requests/consent`,
+          {
+            params: { consent_challenge: consentChallenge },
+          },
+        )
+
         const session = extractSession(identity, grantScope)
-        const acceptResponse = await hydra.acceptOAuth2ConsentRequest({
-          consentChallenge,
-          acceptOAuth2ConsentRequest: {
+        const acceptResponse = await axios.put(
+          `${baseURL}/oauth2/auth/requests/consent/accept?consent_challenge=${consentChallenge}`,
+          {
             grant_scope: session.access_token.scope,
             grant_access_token_audience: body.requested_access_token_audience,
             session,
             remember: Boolean(remember),
             remember_for: 3600,
           },
-        })
+        )
         return res
           .status(200)
           .json({ redirect_to: acceptResponse.data.redirect_to })
       } else {
-        const rejectResponse = await hydra.rejectOAuth2ConsentRequest({
-          consentChallenge,
-          rejectOAuth2Request: {
+        const rejectResponse = await axios.put(
+          `${baseURL}/oauth2/auth/requests/consent/${consentChallenge}/reject`,
+          {
             error: "access_denied",
             error_description: "The resource owner denied the request",
           },
-        })
+        )
 
         return res
           .status(200)

diff --git a/pages/consent.tsx b/pages/consent.tsx
@@ -11,6 +11,8 @@ const Consent = () => {
   const [csrfToken, setCsrfToken] = useState<string>("")
   const [isLoading, setIsLoading] = useState<boolean>(false)
 
+  const basePath = process.env.BASE_PATH || ""
+
   useEffect(() => {
     const { consent_challenge } = router.query
 
@@ -27,7 +29,7 @@ const Consent = () => {
         }
 
         const consentResponse = await fetch(
-          `/api/consent?consent_challenge=${consent_challenge}`,
+          `${basePath}/api/consent?consent_challenge=${consent_challenge}`,
         )
         const consentData = await consentResponse.json()
 
@@ -40,7 +42,7 @@ const Consent = () => {
         // Automatically handle skipping consent if enabled
         if (consentData.client?.skip_consent) {
           console.log("Skipping consent, automatically submitting.")
-          const skipResponse = await fetch("/api/consent", {
+          const skipResponse = await fetch(`${basePath}/api/consent`, {
             method: "POST",
             headers: {
               "Content-Type": "application/json",
@@ -58,7 +60,7 @@ const Consent = () => {
           if (skipData.error) {
             throw new Error(skipData.error)
           }
-          router.push(skipData.redirect_to)
+          window.location.href = skipData.redirect_to
           return
         }
       } catch (error) {
@@ -90,7 +92,7 @@ const Consent = () => {
     }
 
     try {
-      const response = await fetch("/api/consent", {
+      const response = await fetch(`${basePath}/api/consent`, {
         method: "POST",
         headers: {
           "Content-Type": "application/json",
@@ -109,8 +111,7 @@ const Consent = () => {
         console.error("Error submitting consent:", data.error)
         return
       }
-
-      router.push(data.redirect_to)
+      window.location.href = data.redirect_to
     } catch (error) {
       console.error("Error during consent submission:", error)
     }