Fix for issues with binding ports other than 80/443

server/routers/badger/verifySession.ts : verifyResourceSession() updated code behind "cleanHost" var to a regex which strips the trailing :port for any port (rather than a string match for 80/443) src/app/auth/resource/[resourceId]/page.tsx : ResourceAuthPage() added a secondary match for serverResourceHost and redirectHost that accounts for ports server/routers/badger/exchangeSession.ts : Updated exchangeSession() to use the same "cleanHost" type var (with port-stripping) as in verifyResourceSession(), replaced references to "host" with "cleanHost"
2026-01-29 06:10:47 +00:00 · 2025-07-30 22:16:46 -07:00
parent 69b28b9b02
commit 481714f095
3 changed files with 17 additions and 7 deletions
--- a/server/routers/badger/exchangeSession.ts
+++ b/server/routers/badger/exchangeSession.ts
@@ -52,20 +52,26 @@ export async function exchangeSession(

    try {
        const { requestToken, host, requestIp } = parsedBody.data;
+        let cleanHost = host;
+        // if the host ends with :port
+        if (cleanHost.match(/:[0-9]{1,5}$/)) {
+            let matched = ''+cleanHost.match(/:[0-9]{1,5}$/);
+            cleanHost = cleanHost.slice(0, -1*matched.length);
+        }

        const clientIp = requestIp?.split(":")[0];

        const [resource] = await db
            .select()
            .from(resources)
-            .where(eq(resources.fullDomain, host))
+            .where(eq(resources.fullDomain, cleanHost))
            .limit(1);

        if (!resource) {
            return next(
                createHttpError(
                    HttpCode.NOT_FOUND,
-                    `Resource with host ${host} not found`
+                    `Resource with host ${cleanHost} not found`
                )
            );
        }
--- a/server/routers/badger/verifySession.ts
+++ b/server/routers/badger/verifySession.ts
@@ -121,11 +121,10 @@ export async function verifyResourceSession(
        logger.debug("Client IP:", { clientIp });

        let cleanHost = host;
-        // if the host ends with :443 or :80 remove it
-        if (cleanHost.endsWith(":443")) {
-            cleanHost = cleanHost.slice(0, -4);
-        } else if (cleanHost.endsWith(":80")) {
-            cleanHost = cleanHost.slice(0, -3);
+        // if the host ends with :port, strip it
+        if (cleanHost.match(/:[0-9]{1,5}$/)) {
+            let matched = ''+cleanHost.match(/:[0-9]{1,5}$/);
+            cleanHost = cleanHost.slice(0, -1*matched.length);
        }

        const resourceCacheKey = `resource:${cleanHost}`;
--- a/src/app/auth/resource/[resourceId]/page.tsx
+++ b/src/app/auth/resource/[resourceId]/page.tsx
@@ -59,9 +59,14 @@ export default async function ResourceAuthPage(props: {
        try {
            const serverResourceHost = new URL(authInfo.url).host;
            const redirectHost = new URL(searchParams.redirect).host;
+            const redirectPort = new URL(searchParams.redirect).port;
+            const serverResourceHostWithPort = `${serverResourceHost}:${redirectPort}`;
+

            if (serverResourceHost === redirectHost) {
                redirectUrl = searchParams.redirect;
+            } else if ( serverResourceHostWithPort === redirectHost ) {
+                redirectUrl = searchParams.redirect;
            }
        } catch (e) {}
    }