diff --git a/.env.example b/.env.example index 97c6c5cf7..33ac71f15 100644 --- a/.env.example +++ b/.env.example @@ -2,7 +2,6 @@ VITE_APP_NAME="MapRoulette" VITE_APP_DESCRIPTION="MapRoulette 4 Local Development Environment" VITE_API_BASE_URL="https://maproulette.org" VITE_MAP_ROULETTE_SERVER_WEBSOCKET_URL="wss://maproulette.org/ws" -VITE_SERVER_OAUTH_URL="https://maproulette.org/auth/authenticate" VITE_SERVER_API_KEY="" # Base URL for short links embedded in OSM changeset comments # (e.g. https://mpr.lt/c//t/). If unset, diff --git a/.env.test b/.env.test index deb7e24e1..8701be4cc 100644 --- a/.env.test +++ b/.env.test @@ -4,7 +4,6 @@ VITE_APP_URL="http://localhost:3005" VITE_API_BASE_URL="http://localhost:9000" VITE_MAP_ROULETTE_SERVER_WEBSOCKET_URL="ws://localhost:9000/ws" -VITE_SERVER_OAUTH_URL="http://localhost:9000/auth/authenticate" # Must match MR_SUPER_KEY in docker-compose.test.yaml. VITE_SERVER_API_KEY="super-secret-key" diff --git a/src/api/index.ts b/src/api/index.ts index ee6a8a6ab..6768bfc98 100644 --- a/src/api/index.ts +++ b/src/api/index.ts @@ -47,12 +47,6 @@ export const apiRequest = ky.extend({ }, }) -export const createApiWithBaseUrl = (baseUrl: string) => { - return apiRequest.extend({ - prefixUrl: baseUrl, - }) -} - export const convertParamsToSearchParams = ( params: Record< string, diff --git a/src/contexts/AuthContext.tsx b/src/contexts/AuthContext.tsx index b8eaf8a43..a893ef10b 100644 --- a/src/contexts/AuthContext.tsx +++ b/src/contexts/AuthContext.tsx @@ -1,7 +1,7 @@ import { useQueryClient } from '@tanstack/react-query' import { useLocation, useSearch } from '@tanstack/react-router' import { createContext, useCallback, useContext, useEffect, useMemo, useRef, useState } from 'react' -import { api, createApiWithBaseUrl } from '@/api' +import { api, apiRequest } from '@/api' import { Loader } from '@/components/ui/Loader' import { logger } from '@/lib/logger' import type { OAuthLoginResponse } from '@/types/Oauth' @@ -175,13 +175,13 @@ export const AuthProvider = ({ children }: { children: React.ReactNode }) => { const currentUrl = location.pathname + location.searchStr setStoredRedirectUrl(currentUrl) - const frontendOrigin = window.env.VITE_APP_URL || window.location.origin - const oauthBaseUrl = window.env.VITE_SERVER_OAUTH_URL - const loginUrl = `?redirect=${encodeURIComponent(currentUrl)}&redirect_uri=${encodeURIComponent(frontendOrigin)}` - try { - const oauthApi = createApiWithBaseUrl(oauthBaseUrl) - const response = await oauthApi.get(loginUrl) + // Hit the backend via the shared apiRequest client (same host as the + // callback) so the backend derives the OAuth redirect_uri from this + // request's Origin header, which resolves correctly across deployments + // (maproulette.org, beta.maproulette.org, 127.0.0.1). No redirect param: + // post-login navigation is handled client-side via the stored redirect URL. + const response = await apiRequest.get('auth/authenticate') const jsonData = (await response.json()) as OAuthLoginResponse if (jsonData.state) { diff --git a/src/vite-env.d.ts b/src/vite-env.d.ts index dfccc2098..d61fb398e 100644 --- a/src/vite-env.d.ts +++ b/src/vite-env.d.ts @@ -12,7 +12,6 @@ interface AppEnv { readonly VITE_APP_DESCRIPTION: string readonly VITE_API_BASE_URL: string | undefined readonly VITE_MAP_ROULETTE_SERVER_WEBSOCKET_URL: string - readonly VITE_SERVER_OAUTH_URL: string readonly VITE_SERVER_API_KEY: string | undefined readonly VITE_GITHUB_ISSUES_API_OWNER: string | undefined readonly VITE_GITHUB_ISSUES_API_REPO: string | undefined