From: Ben Darnell <ben@bendarnell.com>
Date: Sat, 8 Jul 2023 00:09:36 +0000 (-0400)
Subject: auth: Use a setting for facebook redirect url
X-Git-Tag: v6.4.0b1~24^2~2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f69b8dc40eb44f688d48b2fa89061b9c739cb5e2;p=thirdparty%2Ftornado.git

auth: Use a setting for facebook redirect url

Matches a change made to the Google auth mixin in a previous commit.

Fixes #756
---

diff --git a/tornado/auth.py b/tornado/auth.py
index 1312f2990..e22397370 100644
--- a/tornado/auth.py
+++ b/tornado/auth.py
@@ -997,16 +997,19 @@ class FacebookGraphMixin(OAuth2Mixin):
             class FacebookGraphLoginHandler(tornado.web.RequestHandler,
                                             tornado.auth.FacebookGraphMixin):
               async def get(self):
+                    redirect_uri = urllib.parse.urljoin(
+                        self.application.settings['redirect_base_uri'],
+                        self.reverse_url('facebook_oauth'))
                   if self.get_argument("code", False):
                       user = await self.get_authenticated_user(
-                          redirect_uri='/auth/facebookgraph/',
+                          redirect_uri=redirect_uri,
                           client_id=self.settings["facebook_api_key"],
                           client_secret=self.settings["facebook_secret"],
                           code=self.get_argument("code"))
                       # Save the user with e.g. set_signed_cookie
                   else:
                       self.authorize_redirect(
-                          redirect_uri='/auth/facebookgraph/',
+                          redirect_uri=redirect_uri,
                           client_id=self.settings["facebook_api_key"],
                           extra_params={"scope": "user_posts"})