fix(sso/jumpcloud): Ensure that state param is used (#1020)

fatmcgav · web-flow · commit 9921abce8fec · 2026-03-20T07:29:22.000-07:00
This commit updates the JumpCloud SSO provider implmentation in-order to ensure that the `state` and `pkce` params are included in the generated auth redirect. Ref: https://app.sourcebot.dev/~/chat/cmmyp5bsc0001n37tvx8dz4bp
diff --git a/packages/web/src/ee/features/sso/sso.ts b/packages/web/src/ee/features/sso/sso.ts
@@ -442,6 +442,7 @@ const createJumpCloudProvider = (clientId: string, clientSecret: string, issuer:
         clientId: clientId,
         clientSecret: clientSecret,
         issuer: issuer,
+        checks: ["pkce", "state"],
         allowDangerousEmailAccountLinking: env.AUTH_EE_ALLOW_EMAIL_ACCOUNT_LINKING === 'true',
     } as Provider;
 }

Original file line number	Diff line number	Diff line change
`@@ -442,6 +442,7 @@ const createJumpCloudProvider = (clientId: string, clientSecret: string, issuer:`
`442`	`442`	`clientId: clientId,`
`443`	`443`	`clientSecret: clientSecret,`
`444`	`444`	`issuer: issuer,`
	`445`	`+ checks: ["pkce", "state"],`
`445`	`446`	`allowDangerousEmailAccountLinking: env.AUTH_EE_ALLOW_EMAIL_ACCOUNT_LINKING === 'true',`
`446`	`447`	`} as Provider;`
`447`	`448`	`}`