The OAuth2 flow redirects to the service's origin (window.location.origin) after successful authentication.
The callback handler infers whether the login was triggered as the result of an OAuth2 redirect based on the presence of the code, scope, and state URL parameters. It then communicates the authentication results back to the parent window, which is responsible for closing it. Signed-off-by: Arthur Bied-Charreton <[email protected]> --- www/manager6/Workspace.js | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/www/manager6/Workspace.js b/www/manager6/Workspace.js index b8061c2a..1e79dd57 100644 --- a/www/manager6/Workspace.js +++ b/www/manager6/Workspace.js @@ -150,9 +150,29 @@ Ext.define('PVE.StdWorkspace', { me.down('pveResourceTree').selectById(nodeid); }, + handleOauth2Callback: function (params) { + const code = params.get('code'); + const scope = params.get('scope'); + const state = params.get('state'); + + // If true, this window was opened by the OAuth2 button handler from the + // SMTP notification targets edit panel. + // + // Since we got here through a redirect, this window is not script-closable, + // and we rely on the parent window to close it in its broadcast channel's + // message handler. + if (code && scope && state) { + const { channelName } = JSON.parse(decodeURIComponent(state)); + const bc = new BroadcastChannel(channelName); + bc.postMessage({ code, scope }); + } + }, + onLogin: function (loginData) { let me = this; + me.handleOauth2Callback(new URLSearchParams(window.location.search)); + me.updateUserInfo(); if (loginData) { -- 2.47.3
