Fixes for known bugs in v1.0.0-rc1 (#241)

* Fix #238 for same-site cookies * Redirect in Python + bump to rc2
2026-04-14 09:43:58 +02:00
parent c7672f65d9
commit baf3ac6b5a
10 changed files with 190 additions and 101 deletions
--- a/custom_components/auth_oidc/static/injection.js
+++ b/custom_components/auth_oidc/static/injection.js
@@ -1,58 +1,19 @@
 /**
- * OIDC Frontend Redirect injection script
- * This script is injected because the 'hass-oidc-auth' custom component is active.
+ * hass-oidc-auth - UX script to automatically select the Home Assistant auth provider when the "Login aborted" message is shown.
 */

-function attempt_oidc_redirect() {
-  // Get URL parameters
-  const urlParams = new URLSearchParams(window.location.search);
+let authFlowElement = null

-  // Check if we have skip_oidc_redirect directly here
-  if (urlParams.get('skip_oidc_redirect') === 'true') {
-      // No console log because this is intended behavior
-      return;
-  }
-
-  const originalUrl = urlParams.get('redirect_uri');
-  if (!originalUrl) {
-    console.warn('[OIDC] No OAuth2 redirect_uri parameter found in the URL. Frontend redirect cancelled.');
-    return;
-  }
-
-  try {
-    // Parse the redirect URI
-    const redirectUrl = new URL(originalUrl);
-
-    // Check if redirect URI has a query parameter to stop OIDC injection
-    if (redirectUrl.searchParams.get('skip_oidc_redirect') === 'true') {
-      // No console log because this is intended behavior
-      return;
-    }
-  } catch (error) {
-    console.error('[OIDC] Invalid redirect_uri parameter:', error);
-  }
-
-  window.stop(); // Stop loading the current page before redirecting
-
-  // Redirect to the OIDC auth URL
-  const base64encodeUrl = btoa(window.location.href);
-  const oidcAuthUrl = '/auth/oidc/welcome?redirect_uri=' + encodeURIComponent(base64encodeUrl);
-  window.location.href = oidcAuthUrl;
-}
-
-function click_alternative_provider_instead() {
-  setTimeout(() => {
-    // Find ha-auth-flow
-    const authFlowElement = document.querySelector('ha-auth-flow');
+function update() {
+  // Find ha-auth-flow
+    authFlowElement = document.querySelector('ha-auth-flow');

    if (!authFlowElement) {
-      console.warn("[OIDC] ha-auth-flow element not found. Not automatically selecting HA provider.");
      return;
    }

    // Check if the text "Login aborted" is present on the page
    if (!authFlowElement.innerText.includes('Login aborted')) {
-      console.warn("[OIDC] 'Login aborted' text not found. Not automatically selecting HA provider.");
      return;
    }

@@ -60,7 +21,6 @@ function click_alternative_provider_instead() {
    const authProviderElement = document.querySelector('ha-pick-auth-provider');

    if (!authProviderElement) {
-      console.warn("[OIDC] ha-pick-auth-provider not found. Not automatically selecting HA provider.");
      return;
    }

@@ -72,11 +32,30 @@ function click_alternative_provider_instead() {
    }

    firstListItem.click();
-  }, 500);
 }

-// Run OIDC injection upon load
-(() => {
-  attempt_oidc_redirect();
-  click_alternative_provider_instead();
-})();
+// Hide the content until ready
+let ready = false
+document.querySelector(".content").style.display = "none"
+
+const observer = new MutationObserver((mutationsList, observer) => {
+  update();
+
+  if (!ready) {
+    ready = Boolean(authFlowElement)
+    if (ready) {
+      document.querySelector(".content").style.display = ""
+    }
+  }
+})
+
+observer.observe(document.body, { childList: true, subtree: true })
+
+setTimeout(() => {
+  if (!ready) {
+    console.warn("[hass-oidc-auth]: Document was not ready after 300ms seconds, showing content anyway.")
+  }
+
+  // Force display the content
+  document.querySelector(".content").style.display = "";
+}, 300)