Sha256: 4295ed01acd2180e1c9ed77007097e03d89eeb9e8026aed77e1d17f63a95904c

Contents?: true

Size: 839 Bytes

Versions: 5

Compression:

Stored size: 839 Bytes

Contents

# frozen_string_literal: true
module Omniauth
  module Rails
    module Flash
      extend ActiveSupport::Concern

      def set_url_to_return_to_after_authentication
        # Use caution when setting these urls.
        # There are phishing risks associated with redirection, as described here:
        # See https://www.owasp.org/index.php/Unvalidated_Redirects_and_Forwards_Cheat_Sheet
        flash[:url_to_return_to_after_authentication] =
          url_to_return_to_after_authentication_from_flash ||
          default_url_to_return_to_after_authentication
      end

      private

      def url_to_return_to_after_authentication_from_flash
        flash[:url_to_return_to_after_authentication]
      end

      def default_url_to_return_to_after_authentication
        Configuration.authenticated_root
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
omniauth-rails-0.6.0 app/controllers/omniauth/rails/flash.rb
omniauth-rails-0.5.0 app/controllers/omniauth/rails/flash.rb
omniauth-rails-0.4.0 app/controllers/omniauth/rails/flash.rb
omniauth-rails-0.3.0 app/controllers/omniauth/rails/flash.rb
omniauth-rails-0.2.0 app/controllers/omniauth/rails/flash.rb