added option to send host_url as an index appended to appid in the state parameter of an auth request

Author: albogdano

src/main/java/com/erudika/scoold/utils/ScooldUtils.java

@@ -2248,73 +2248,70 @@ public String getCSPNonce() {
 
 	public String getFacebookLoginURL() {
 		return "https://www.facebook.com/dialog/oauth?client_id=" + CONF.facebookAppId() +
-				"&response_type=code&scope=email&state=" + getParaAppId() +
-				"&redirect_uri=" + getParaEndpoint() + "/facebook_auth" + getHostUrlParam();
+				"&response_type=code&scope=email&state=" + getStateParam() +
+				"&redirect_uri=" + getParaEndpoint() + "/facebook_auth";
 	}
 
 	public String getGoogleLoginURL() {
 		return "https://accounts.google.com/o/oauth2/v2/auth?client_id=" + CONF.googleAppId() +
-				"&response_type=code&scope=openid%20profile%20email&state=" + getParaAppId() +
-				"&redirect_uri=" + getParaEndpoint() + "/google_auth" + getHostUrlParam();
+				"&response_type=code&scope=openid%20profile%20email&state=" + getStateParam() +
+				"&redirect_uri=" + getParaEndpoint() + "/google_auth";
 	}
 
 	public String getGitHubLoginURL() {
 		return "https://github.com/login/oauth/authorize?response_type=code&client_id=" + CONF.githubAppId() +
-				"&scope=user%3Aemail&state=" + getParaAppId() +
-				"&redirect_uri=" + getParaEndpoint() + "/github_auth" + getHostUrlParam();
+				"&scope=user%3Aemail&state=" + getStateParam() +
+				"&redirect_uri=" + getParaEndpoint() + "/github_auth";
 	}
 
 	public String getLinkedInLoginURL() {
 		return "https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=" + CONF.linkedinAppId() +
-				"&scope=r_liteprofile%20r_emailaddress&state=" + getParaAppId() +
-				"&redirect_uri=" + getParaEndpoint() + "/linkedin_auth" + getHostUrlParam();
+				"&scope=r_liteprofile%20r_emailaddress&state=" + getStateParam() +
+				"&redirect_uri=" + getParaEndpoint() + "/linkedin_auth";
 	}
 
 	public String getTwitterLoginURL() {
-		return getParaEndpoint() + "/twitter_auth?state=" + getParaAppId();
+		return getParaEndpoint() + "/twitter_auth?state=" + getStateParam();
 	}
 
 	public String getMicrosoftLoginURL() {
 		return "https://login.microsoftonline.com/" + CONF.microsoftTenantId() +
 				"/oauth2/v2.0/authorize?response_type=code&client_id=" + CONF.microsoftAppId() +
-				"&scope=https%3A%2F%2Fgraph.microsoft.com%2Fuser.read&state=" + getParaAppId() +
-				"&redirect_uri=" + getParaEndpoint() + "/microsoft_auth" + getHostUrlParam();
+				"&scope=https%3A%2F%2Fgraph.microsoft.com%2Fuser.read&state=" + getStateParam() +
+				"&redirect_uri=" + getParaEndpoint() + "/microsoft_auth";
 	}
 
 	public String getSlackLoginURL() {
 		return "https://slack.com/oauth/v2/authorize?response_type=code&client_id=" + CONF.slackAppId() +
-				"&user_scope=identity.basic%20identity.email%20identity.team%20identity.avatar&state=" + getParaAppId() +
-				"&redirect_uri=" + getParaEndpoint() + "/slack_auth" + getHostUrlParam();
+				"&user_scope=identity.basic%20identity.email%20identity.team%20identity.avatar&state=" + getStateParam() +
+				"&redirect_uri=" + getParaEndpoint() + "/slack_auth";
 	}
 
 	public String getAmazonLoginURL() {
 		return "https://www.amazon.com/ap/oa?response_type=code&client_id=" + CONF.amazonAppId() +
-				"&scope=profile&state=" + getParaAppId() +
-				"&redirect_uri=" + getParaEndpoint() + "/amazon_auth" + getHostUrlParam();
+				"&scope=profile&state=" + getStateParam() +
+				"&redirect_uri=" + getParaEndpoint() + "/amazon_auth";
 	}
 
 	public String getOAuth2LoginURL() {
 		return CONF.oauthAuthorizationUrl("") + "?" +
 				"response_type=code&client_id=" + CONF.oauthAppId("") +
 				"&scope=" + CONF.oauthScope("") + getOauth2StateParam("") +
-				"&redirect_uri=" + getParaEndpoint() + "/oauth2_auth" + getOauth2AppidParam("") +
-				getHostUrlParam(CONF.oauthAppidInStateParamEnabled(""));
+				"&redirect_uri=" + getParaEndpoint() + "/oauth2_auth" + getOauth2AppidParam("");
 	}
 
 	public String getOAuth2SecondLoginURL() {
 		return CONF.oauthAuthorizationUrl("second") + "?" +
 				"response_type=code&client_id=" + CONF.oauthAppId("second") +
 				"&scope=" +  CONF.oauthScope("second") + getOauth2StateParam("second") +
-				"&redirect_uri=" + getParaEndpoint() + "/oauth2_auth" + getOauth2AppidParam("second") +
-				getHostUrlParam(CONF.oauthAppidInStateParamEnabled("second"));
+				"&redirect_uri=" + getParaEndpoint() + "/oauth2_auth" + getOauth2AppidParam("second");
 	}
 
 	public String getOAuth2ThirdLoginURL() {
 		return CONF.oauthAuthorizationUrl("third") + "?" +
 				"response_type=code&client_id=" + CONF.oauthAppId("third") +
 				"&scope=" +  CONF.oauthScope("third") + getOauth2StateParam("third") +
-				"&redirect_uri=" + getParaEndpoint() + "/oauth2_auth" + getOauth2AppidParam("third") +
-				getHostUrlParam(CONF.oauthAppidInStateParamEnabled("third"));
+				"&redirect_uri=" + getParaEndpoint() + "/oauth2_auth" + getOauth2AppidParam("third");
 	}
 
 	public String getParaEndpoint() {
@@ -2326,19 +2323,20 @@ public String getParaAppId() {
 	}
 
 	private String getOauth2StateParam(String a) {
-		return "&state=" + (CONF.oauthAppidInStateParamEnabled(a) ? getParaAppId() : UUID.randomUUID().toString());
+		return "&state=" + (CONF.oauthAppidInStateParamEnabled(a) ? getStateParam() : UUID.randomUUID().toString());
 	}
 
 	private String getOauth2AppidParam(String a) {
 		return CONF.oauthAppidInStateParamEnabled(a) ? "" : "?appid=" + getParaAppId();
 	}
 
-	private String getHostUrlParam() {
-		return getHostUrlParam(true);
-	}
-
-	private String getHostUrlParam(boolean isSingleParam) {
-		return StringUtils.isBlank(CONF.hostUrlAliases()) ? "" : ((isSingleParam ? "?" : "&") + "host_url=" + CONF.serverUrl());
+	private String getStateParam() {
+		if (StringUtils.isBlank(CONF.hostUrlAliases())) {
+			return getParaAppId();
+		} else {
+			int index = Arrays.asList(CONF.hostUrlAliases().split("\\s*,\\s*")).indexOf(CONF.serverUrl());
+			return getParaAppId() + (index >= 0 ? "|" + index : "");
+		}
 	}
 
 	public String getFirstConfiguredLoginURL() {