add alternative callback url (#766)

Co-authored-by: Kevin CATHALY <alakme@kevins-mbp.home>
Co-authored-by: Nathan Sarrazin <sarrazin.nathan@gmail.com>

.env

@@ -130,4 +130,6 @@ EXPOSE_API=true
 # PUBLIC_APP_DATA_SHARING=1
 # PUBLIC_APP_DISCLAIMER=1
 
-ENABLE_ASSISTANTS=false #set to true to enable assistants feature
+ENABLE_ASSISTANTS=false #set to true to enable assistants feature
+
+ALTERNATIVE_REDIRECT_URLS=`[]` #valide alternative redirect URL for OAuth

.env.template

@@ -243,3 +243,7 @@ PUBLIC_PLAUSIBLE_SCRIPT_URL="/js/script.js"
 
 ENABLE_ASSISTANTS=true
 EXPOSE_API=true
+
+ALTERNATIVE_REDIRECT_URLS=`[
+  huggingchat://login/callback
+]`

src/routes/login/+page.server.ts

@@ -1,13 +1,24 @@
 import { redirect } from "@sveltejs/kit";
 import { getOIDCAuthorizationUrl } from "$lib/server/auth";
 import { base } from "$app/paths";
+import { ALTERNATIVE_REDIRECT_URLS } from "$env/static/private";
 
 export const actions = {
 	async default({ url, locals, request }) {
-		// TODO: Handle errors if provider is not responding
 		const referer = request.headers.get("referer");
+		let redirectURI = `${(referer ? new URL(referer) : url).origin}${base}/login/callback`;
+
+		// TODO: Handle errors if provider is not responding
+
+		if (url.searchParams.has("callback")) {
+			const callback = url.searchParams.get("callback") || redirectURI;
+			if (ALTERNATIVE_REDIRECT_URLS.includes(callback)) {
+				redirectURI = callback;
+			}
+		}
+
 		const authorizationUrl = await getOIDCAuthorizationUrl(
-			{ redirectURI: `${(referer ? new URL(referer) : url).origin}${base}/login/callback` },
+			{ redirectURI },
 			{ sessionId: locals.sessionId }
 		);