fix: review comments

Author: ankarhem

package.json

@@ -70,7 +70,7 @@
     "reflect-metadata": "^0.1.13",
     "secure-random-password": "^0.2.3",
     "semver": "^7.3.5",
-    "sqlite3": "^5.0.2",
+    "sqlite3": "^5.1.1",
     "swagger-ui-express": "^4.3.0",
     "swr": "^1.2.2",
     "typeorm": "0.2.45",

server/routes/auth.ts

@@ -476,18 +476,21 @@ authRoutes.get('/oidc-callback', async (req, res, next) => {
     // Fetch the token data
     const callbackUrl = new URL(
       '/api/v1/auth/oidc-callback',
-      `http://${req.headers.host}`
+      `${req.protocol}://${req.headers.host}`
     );
+
+    const formData = new URLSearchParams();
+    formData.append('client_secret', oidcClientSecret);
+    formData.append('grant_type', 'authorization_code');
+    formData.append('redirect_uri', callbackUrl.toString());
+    formData.append('client_id', oidcClientId);
+    formData.append('code', code);
     const response = await fetch(wellKnownInfo.token_endpoint, {
       method: 'POST',
-      headers: new Headers([['Content-Type', 'application/json']]),
-      body: JSON.stringify({
-        client_cecret: oidcClientSecret,
-        grant_type: 'authorization_code',
-        redirect_uri: callbackUrl,
-        client_id: oidcClientId,
-        code,
-      }),
+      headers: new Headers([
+        ['Content-Type', 'application/x-www-form-urlencoded'],
+      ]),
+      body: formData,
     });
 
     // Check that the response is valid

src/components/Login/index.tsx

@@ -20,7 +20,7 @@ const messages = defineMessages({
   signinheader: 'Sign in to continue',
   signinwithplex: 'Use your Plex account',
   signinwithoverseerr: 'Use your {applicationTitle} account',
-  signinwithoidc: 'Use your {oidcName} account',
+  signinwithoidcaccount: 'Use your {oidcName} account',
 });
 
 const Login: React.FC = () => {
@@ -169,7 +169,7 @@ const Login: React.FC = () => {
                         }`}
                         onClick={() => handleClick(2)}
                       >
-                        {intl.formatMessage(messages.signinwithoidc, {
+                        {intl.formatMessage(messages.signinwithoidcaccount, {
                           oidcName: settings.currentSettings.oidcName,
                         })}
                       </button>

src/components/Settings/SettingsUsers/index.tsx

@@ -59,9 +59,8 @@ const validationSchema = yup.object().shape({
         test: (val) => {
           return (
             !!val &&
-            /^(?!:\/\/)([a-zA-Z0-9-_]+\.)*[a-zA-Z0-9][a-zA-Z0-9-_]+\.[a-zA-Z]{2,11}?$/.test(
-              val
-            )
+            // Any HTTPS domain without query string
+            /^([a-zA-Z0-9-_]+\.)[^?]+$/i.test(val)
           );
         },
       }),