From 73890ed0633b0cc322c10de1e49f36dbdbe5d1ad Mon Sep 17 00:00:00 2001
From: Coatezy <2954283+coatezy@users.noreply.github.com>
Date: Tue, 26 Mar 2024 21:09:30 +0000
Subject: [PATCH] fix: use client.site instead of the callback_url

By using client.site instead of callback_url we can preserve any query string parameters that could be included within the site key and also configured in the callback url within the user pool client app
---
 lib/omniauth/strategies/cognito_idp.rb       | 2 +-
 spec/omniauth/strategies/cognito_idp_spec.rb | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/omniauth/strategies/cognito_idp.rb b/lib/omniauth/strategies/cognito_idp.rb
index 50b9a4f..b0071e6 100644
--- a/lib/omniauth/strategies/cognito_idp.rb
+++ b/lib/omniauth/strategies/cognito_idp.rb
@@ -67,7 +67,7 @@ class CognitoIdP < OmniAuth::Strategies::OAuth2
       def build_access_token
         client.auth_code.get_token(
           request.params['code'],
-          { redirect_uri: callback_url.split('?').first }.merge(token_params.to_hash(symbolize_keys: true)),
+          { redirect_uri: client.site }.merge(token_params.to_hash(symbolize_keys: true)),
           deep_symbolize(options.auth_token_params)
         )
       end
diff --git a/spec/omniauth/strategies/cognito_idp_spec.rb b/spec/omniauth/strategies/cognito_idp_spec.rb
index f162315..717f053 100644
--- a/spec/omniauth/strategies/cognito_idp_spec.rb
+++ b/spec/omniauth/strategies/cognito_idp_spec.rb
@@ -31,7 +31,7 @@
       end
     end
 
-    let(:oauth_client) { double('OAuth2::Client', auth_code: auth_code) }
+    let(:oauth_client) { double('OAuth2::Client', auth_code: auth_code, site: "http://localhost/auth/cognito-idp/callback") }
     let(:auth_code) { double('OAuth2::AuthCode', get_token: access_token_object) }
     let(:access_token_object) { double('OAuth2::AccessToken') }
     let(:callback_url) { 'http://localhost/auth/cognito-idp/callback?code=1234' }
@@ -57,7 +57,7 @@
     let(:env) { {} }
     let(:request) { double('Rack::Request', params: {'state' => strategy.session['omniauth.state']}) }
     let(:session) { { 'omniauth.state' => 'some_state' } }
-    let(:oauth_client) { double('OAuth2::Client', auth_code: auth_code) }
+    let(:oauth_client) { double('OAuth2::Client', auth_code: auth_code, site: "http://localhost/auth/cognito-idp/callback") }
     let(:auth_code) { double('OAuth2::AuthCode') }
     let(:access_token_object) { OAuth2::AccessToken.from_hash(oauth_client, token_hash) }