From 611730f22a2d5bf20b34145eba645a334993165e Mon Sep 17 00:00:00 2001 From: kyy Date: Mon, 18 May 2026 17:58:10 +0900 Subject: [PATCH] =?UTF-8?q?Kratos=20=ED=97=88=EC=9A=A9=20return=20URL=20?= =?UTF-8?q?=EC=83=9D=EC=84=B1=20=EB=A1=9C=EC=A7=81=20=EB=B3=B4=EA=B0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- compose.ory.yaml | 4 ++-- scripts/auth_config.sh | 18 +++++++++++++++++- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/compose.ory.yaml b/compose.ory.yaml index 2672ddde..07eb83e9 100644 --- a/compose.ory.yaml +++ b/compose.ory.yaml @@ -29,7 +29,7 @@ services: - KRATOS_SERVE_PUBLIC_BASE_URL=${KRATOS_BROWSER_URL} - KRATOS_SERVE_ADMIN_BASE_URL=${KRATOS_ADMIN_URL} - KRATOS_SELFSERVICE_DEFAULT_BROWSER_RETURN_URL=${KRATOS_UI_URL} - - KRATOS_SELFSERVICE_ALLOWED_RETURN_URLS=${KRATOS_ALLOWED_RETURN_URLS_JSON:-["${KRATOS_UI_URL}","${KRATOS_UI_URL}/"]} + - KRATOS_SELFSERVICE_ALLOWED_RETURN_URLS=${KRATOS_ALLOWED_RETURN_URLS_JSON:-["${KRATOS_UI_URL}","${KRATOS_UI_URL}/","${USERFRONT_URL}","${USERFRONT_URL}/","${USERFRONT_URL}/ko","${USERFRONT_URL}/ko/","${USERFRONT_URL}/en","${USERFRONT_URL}/en/","${USERFRONT_URL}/auth/callback","${USERFRONT_URL}/ko/auth/callback","${USERFRONT_URL}/en/auth/callback","${ADMINFRONT_URL}/auth/callback","${DEVFRONT_URL}/auth/callback","${ORGFRONT_URL}/auth/callback"]} - KRATOS_SELFSERVICE_FLOWS_ERROR_UI_URL=${KRATOS_UI_URL}/error - KRATOS_SELFSERVICE_FLOWS_SETTINGS_UI_URL=${KRATOS_UI_URL}/error?error=settings_disabled - KRATOS_SELFSERVICE_FLOWS_RECOVERY_UI_URL=${KRATOS_UI_URL}/recovery @@ -55,7 +55,7 @@ services: - KRATOS_SERVE_PUBLIC_BASE_URL=${KRATOS_BROWSER_URL} - KRATOS_SERVE_ADMIN_BASE_URL=${KRATOS_ADMIN_URL} - KRATOS_SELFSERVICE_DEFAULT_BROWSER_RETURN_URL=${KRATOS_UI_URL} - - KRATOS_SELFSERVICE_ALLOWED_RETURN_URLS=${KRATOS_ALLOWED_RETURN_URLS_JSON:-["${KRATOS_UI_URL}","${KRATOS_UI_URL}/"]} + - KRATOS_SELFSERVICE_ALLOWED_RETURN_URLS=${KRATOS_ALLOWED_RETURN_URLS_JSON:-["${KRATOS_UI_URL}","${KRATOS_UI_URL}/","${USERFRONT_URL}","${USERFRONT_URL}/","${USERFRONT_URL}/ko","${USERFRONT_URL}/ko/","${USERFRONT_URL}/en","${USERFRONT_URL}/en/","${USERFRONT_URL}/auth/callback","${USERFRONT_URL}/ko/auth/callback","${USERFRONT_URL}/en/auth/callback","${ADMINFRONT_URL}/auth/callback","${DEVFRONT_URL}/auth/callback","${ORGFRONT_URL}/auth/callback"]} - KRATOS_SELFSERVICE_FLOWS_ERROR_UI_URL=${KRATOS_UI_URL}/error - KRATOS_SELFSERVICE_FLOWS_SETTINGS_UI_URL=${KRATOS_UI_URL}/error?error=settings_disabled - KRATOS_SELFSERVICE_FLOWS_RECOVERY_UI_URL=${KRATOS_UI_URL}/recovery diff --git a/scripts/auth_config.sh b/scripts/auth_config.sh index 21ce936c..56321eed 100755 --- a/scripts/auth_config.sh +++ b/scripts/auth_config.sh @@ -307,8 +307,24 @@ build_allowed_return_urls() { fi } + add_userfront_return_urls() { + local base="$1" + local normalized + normalized="$(canonicalize_url "$base")" + [[ -n "$normalized" ]] || return + + add_allowed_with_slash_variant "$normalized" + add_allowed_url "${normalized}/ko" + add_allowed_url "${normalized}/ko/" + add_allowed_url "${normalized}/en" + add_allowed_url "${normalized}/en/" + add_allowed_url "${normalized}/auth/callback" + add_allowed_url "${normalized}/ko/auth/callback" + add_allowed_url "${normalized}/en/auth/callback" + } + add_allowed_with_slash_variant "$KRATOS_UI_URL" - add_allowed_with_slash_variant "$USERFRONT_URL" + add_userfront_return_urls "$USERFRONT_URL" for url in "${ADMIN_CALLBACKS[@]}"; do add_allowed_url "$url"