From d8d5c217f560b7021760882c3c7bdc3e971e0fd8 Mon Sep 17 00:00:00 2001
From: Volmer
Date: Fri, 19 May 2017 15:09:26 -0400
Subject: [PATCH] Do not include query params in callback URLs

In order to be compatible with GitHub Integration's Oauth flow the callback URL must match the same one provided in the integration's settings page. The current `callback_url` method includes any query params received previously, which causes a mismatch, and GitHub returns "406 Not Accepted" with an error message:

```
(github) Callback phase initiated.
(github) Authentication failure! invalid_credentials: OAuth2::Error, redirect_uri_mismatch: The redirect_uri MUST match the registered callback URL for this application. error=redirect_uri_mismatch&error_description=The+redirect_uri+MUST+match+
the+registered+callback+URL+for+this+application.&error_uri=https%3A%2F%2
Fdeveloper.github.com%2Fv3%2Foauth%2F%23redirect-uri-mismatch2
```

For more information: https://developer.github.com/early-access/integrations/user-identification-authorization
---
 lib/omniauth/strategies/github.rb | 4 ++++
 spec/omniauth/strategies/github_spec.rb | 9 +++++++++
 2 files changed, 13 insertions(+)

diff --git a/lib/omniauth/strategies/github.rb b/lib/omniauth/strategies/github.rb
index 26d31e7..c60b2d1 100644
--- a/lib/omniauth/strategies/github.rb
+++ b/lib/omniauth/strategies/github.rb
@@ -69,6 +69,10 @@ def email_access_allowed?
 scopes = options['scope'].split(',')
 (scopes & email_scopes).any?
 end
+
+ def callback_url
+ full_host + script_name + callback_path
+ end
 end
 end
 end
diff --git a/spec/omniauth/strategies/github_spec.rb b/spec/omniauth/strategies/github_spec.rb
index 0d4c313..302ee61 100644
--- a/spec/omniauth/strategies/github_spec.rb
+++ b/spec/omniauth/strategies/github_spec.rb
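Review bot: The `callback_url` override carries no comment saying why it departs from the inherited implementation, so a later maintainer reading only the code may "restore" the query string and silently reintroduce the redirect_uri_mismatch failure; add above `def callback_url` a note such as `# GitHub requires redirect_uri to match the registered callback URL exactly, so the query string that OmniAuth::Strategy#callback_url would append is deliberately omitted.` The URL is still assembled from `full_host`, which, if I read the base strategy correctly, is derived from the incoming request unless the `full_host` option is configured, so deployments behind a reverse proxy should set that option explicitly to keep the redirect_uri both stable and independent of request-supplied host values. The enclosing class and modules start and end outside the hunk.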
@@ -149,4 +149,13 @@
 expect(subject.info['urls']['GitHub']).to eq('http://enterprise/me')
 end
 end
+
+ describe '#callback_url' do
+ it 'is a combination of host, script name, and callback path' do
+ allow(subject).to receive(:full_host).and_return('https://example.com')
+ allow(subject).to receive(:script_name).and_return('/sub_uri')
+
+ expect(subject.callback_url).to eq('https://example.com/sub_uri/auth/github/callback')
+ end
+ end
 end
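Review bot: The new example does not exercise the behaviour the commit exists for: the stubbed request carries no query string, so the same expectation would also pass against the inherited `callback_url` that appends one, and a regression would go unnoticed. Add a second example in the same `describe` that gives the request a query string and asserts it is absent from the result, for instance by stubbing `subject` with `receive(:query_string).and_return('?code=abc')` (constructed value; assuming `query_string` is the helper the base strategy uses, otherwise build the request via `Rack::MockRequest` with a `QUERY_STRING`) while keeping the expectation `eq('https://example.com/sub_uri/auth/github/callback')`. The outer `describe` block this is added to starts outside the hunk.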