From 58b2037120626dcb978a6b97be8f04b30d46ca75 Mon Sep 17 00:00:00 2001
From: ekkekuru2 <ekke@ekke.jp>
Date: Tue, 21 Feb 2023 17:42:44 +0900
Subject: [PATCH] fix(schemes): url may already contain query params

---
 src/schemes/oauth2.ts        | 20 ++++++++++++++++++--
 src/schemes/openIDConnect.ts | 11 ++++++++++-
 2 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/src/schemes/oauth2.ts b/src/schemes/oauth2.ts
index 2c910207f..e32775f04 100644
--- a/src/schemes/oauth2.ts
+++ b/src/schemes/oauth2.ts
@@ -303,7 +303,14 @@ export class Oauth2Scheme<
 
     this.$auth.$storage.setUniversal(this.name + '.state', opts.state)
 
-    const url = this.options.endpoints.authorization + '?' + encodeQuery(opts)
+    let url = this.options.endpoints.authorization
+    // Authorization endpoint URL may already contain query params
+    if (url.split('/').splice(-1)[0].indexOf('?') === -1 ) {
+      url = url + '?' + encodeQuery(opts)
+    }
+    else {
+      url = url + '&' + encodeQuery(opts)
+    }
 
     window.location.replace(url)
   }
@@ -314,7 +321,16 @@ export class Oauth2Scheme<
         client_id: this.options.clientId + '',
         logout_uri: this.logoutRedirectURI
       }
-      const url = this.options.endpoints.logout + '?' + encodeQuery(opts)
+
+      let url = this.options.endpoints.logout
+      // Logout endpoint URL may already contain query params
+      if (url.split('/').splice(-1)[0].indexOf('?') === -1 ) {
+        url = url + '?' + encodeQuery(opts)
+      }
+      else {
+        url = url + '&' + encodeQuery(opts)
+      }
+
       window.location.replace(url)
     }
     return this.$auth.reset()
diff --git a/src/schemes/openIDConnect.ts b/src/schemes/openIDConnect.ts
index e97d3b449..700eb5b34 100644
--- a/src/schemes/openIDConnect.ts
+++ b/src/schemes/openIDConnect.ts
@@ -182,7 +182,16 @@ export class OpenIDConnectScheme<
         id_token_hint: this.idToken.get(),
         post_logout_redirect_uri: this.logoutRedirectURI
       }
-      const url = this.options.endpoints.logout + '?' + encodeQuery(opts)
+
+      let url = this.options.endpoints.logout
+      // Logout endpoint URL may already contain query params
+      if (url.split('/').splice(-1)[0].indexOf('?') === -1 ) {
+        url = url + '?' + encodeQuery(opts)
+      }
+      else {
+        url = url + '&' + encodeQuery(opts)
+      }
+
       window.location.replace(url)
     }
     return this.$auth.reset()