use url-join

src/server/service/passport.js

@@ -1,4 +1,5 @@
 const debug = require('debug')('growi:service:PassportService');
+const urljoin = require('url-join');
 const passport = require('passport');
 const LocalStrategy = require('passport-local').Strategy;
 const LdapStrategy = require('passport-ldapauth');
@@ -312,7 +313,7 @@ class PassportService {
       clientId: config.crowi['security:passport-google:clientId'] || process.env.OAUTH_GOOGLE_CLIENT_ID,
       clientSecret: config.crowi['security:passport-google:clientSecret'] || process.env.OAUTH_GOOGLE_CLIENT_SECRET,
       callbackURL: (this.crowi.configManager.getConfig('crowi', 'app:siteUrl') != null)
-        ? `${this.crowi.configManager.getSiteUrl()}/passport/google/callback`                               // auto-generated with v3.2.4 and above
+        ? urljoin(this.crowi.configManager.getSiteUrl(), '/passport/google/callback')                       // auto-generated with v3.2.4 and above
         : config.crowi['security:passport-google:callbackUrl'] || process.env.OAUTH_GOOGLE_CALLBACK_URI,    // DEPRECATED: backward compatible with v3.2.3 and below
       skipUserProfile: false,
     }, function(accessToken, refreshToken, profile, done) {
@@ -359,7 +360,7 @@ class PassportService {
       clientID: config.crowi['security:passport-github:clientId'] || process.env.OAUTH_GITHUB_CLIENT_ID,
       clientSecret: config.crowi['security:passport-github:clientSecret'] || process.env.OAUTH_GITHUB_CLIENT_SECRET,
       callbackURL: (this.crowi.configManager.getConfig('crowi', 'app:siteUrl') != null)
-        ? `${this.crowi.configManager.getSiteUrl()}/passport/github/callback`                               // auto-generated with v3.2.4 and above
+        ? urljoin(this.crowi.configManager.getSiteUrl(), '/passport/github/callback')                       // auto-generated with v3.2.4 and above
         : config.crowi['security:passport-github:callbackUrl'] || process.env.OAUTH_GITHUB_CALLBACK_URI,    // DEPRECATED: backward compatible with v3.2.3 and below
       skipUserProfile: false,
     }, function(accessToken, refreshToken, profile, done) {
@@ -406,7 +407,7 @@ class PassportService {
       consumerKey: config.crowi['security:passport-twitter:consumerKey'] || process.env.OAUTH_TWITTER_CONSUMER_KEY,
       consumerSecret: config.crowi['security:passport-twitter:consumerSecret'] || process.env.OAUTH_TWITTER_CONSUMER_SECRET,
       callbackURL: (this.crowi.configManager.getConfig('crowi', 'app:siteUrl') != null)
-        ? `${this.crowi.configManager.getSiteUrl()}/passport/twitter/callback`                               // auto-generated with v3.2.4 and above
+        ? urljoin(this.crowi.configManager.getSiteUrl(), '/passport/twitter/callback')                       // auto-generated with v3.2.4 and above
         : config.crowi['security:passport-twitter:callbackUrl'] || process.env.OAUTH_TWITTER_CALLBACK_URI,   // DEPRECATED: backward compatible with v3.2.3 and below
       skipUserProfile: false,
     }, function(accessToken, refreshToken, profile, done) {
@@ -452,7 +453,7 @@ class PassportService {
     passport.use(new SamlStrategy({
       entryPoint: configManager.getConfig('crowi', 'security:passport-saml:entryPoint'),
       callbackUrl: (this.crowi.configManager.getConfig('crowi', 'app:siteUrl') != null)
-        ? `${this.crowi.configManager.getSiteUrl()}/passport/saml/callback`          // auto-generated with v3.2.4 and above
+        ? urljoin(this.crowi.configManager.getSiteUrl(), '/passport/saml/callback')  // auto-generated with v3.2.4 and above
         : configManager.getConfig('crowi', 'security:passport-saml:callbackUrl'),    // DEPRECATED: backward compatible with v3.2.3 and below
       issuer: configManager.getConfig('crowi', 'security:passport-saml:issuer'),
       cert: configManager.getConfig('crowi', 'security:passport-saml:cert'),

src/server/util/googleAuth.js

@@ -1,3 +1,7 @@
+const debug = require('debug')('growi:lib:googleAuth');
+const urljoin = require('url-join');
+const { GoogleApis } = require('googleapis');
+
 /**
  * googleAuth utility
  */
@@ -5,9 +9,7 @@
 module.exports = function(crowi) {
   'use strict';
 
-  const { GoogleApis } = require('googleapis');
-  var google = new GoogleApis()
-    , debug = require('debug')('growi:lib:googleAuth')
+  const google = new GoogleApis()
     , config = crowi.getConfig()
     , lib = {}
     ;
@@ -21,11 +23,11 @@ module.exports = function(crowi) {
   }
 
   lib.createAuthUrl = function(req, callback) {
-    var callbackUrl = crowi.configManager.getSiteUrl() + '/google/callback';
-    var oauth2Client = createOauth2Client(callbackUrl);
+    const callbackUrl = urljoin(crowi.configManager.getSiteUrl(), '/google/callback');
+    const oauth2Client = createOauth2Client(callbackUrl);
     google.options({auth: oauth2Client});
 
-    var redirectUrl = oauth2Client.generateAuthUrl({
+    const redirectUrl = oauth2Client.generateAuthUrl({
       access_type: 'offline',
       scope: ['profile', 'email'],
     });
@@ -34,11 +36,11 @@ module.exports = function(crowi) {
   };
 
   lib.handleCallback = function(req, callback) {
-    var callbackUrl = crowi.configManager.getSiteUrl() + '/google/callback';
-    var oauth2Client = createOauth2Client(callbackUrl);
+    const callbackUrl = urljoin(crowi.configManager.getSiteUrl(), '/google/callback');
+    const oauth2Client = createOauth2Client(callbackUrl);
     google.options({auth: oauth2Client});
 
-    var code = req.session.googleAuthCode || null;
+    const code = req.session.googleAuthCode || null;
 
     if (!code) {
       return callback(new Error('No code exists.'), null);
@@ -53,7 +55,7 @@ module.exports = function(crowi) {
 
       oauth2Client.credentials = tokens;
 
-      var oauth2 = google.oauth2('v2');
+      const oauth2 = google.oauth2('v2');
       oauth2.userinfo.get({}, function(err, response) {
         debug('Response of oauth2.userinfo.get', err, response);
         if (err) {

src/server/util/slack.js

@@ -1,3 +1,6 @@
+const debug = require('debug')('growi:util:slack');
+const urljoin = require('url-join');
+
 /**
  * slack
  */
@@ -5,8 +8,7 @@
 module.exports = function(crowi) {
   'use strict';
 
-  const debug = require('debug')('growi:util:slack'),
-    config = crowi.getConfig(),
+  const config = crowi.getConfig(),
     Config = crowi.model('Config'),
     Slack = require('slack-node'),
     slack = {};
@@ -123,10 +125,10 @@ module.exports = function(crowi) {
     const attachment = {
       color: '#263a3c',
       author_name: '@' + user.username,
-      author_link: url + '/user/' + user.username,
+      author_link: urljoin(url, 'user', user.username),
       author_icon: user.image,
       title: page.path,
-      title_link: url + '/' + page._id,
+      title_link: urljoin(url, page._id),
       text: body,
       mrkdwn_in: ['text'],
     };
@@ -151,7 +153,7 @@ module.exports = function(crowi) {
     const attachment = {
       color: '#263a3c',
       author_name: '@' + user.username,
-      author_link: url + '/user/' + user.username,
+      author_link: urljoin(url, 'user', user.username),
       author_icon: user.image,
       text: body,
       mrkdwn_in: ['text'],
@@ -174,7 +176,7 @@ module.exports = function(crowi) {
     let text;
     const url = crowi.configManager.getSiteUrl();
 
-    const pageUrl = `<${url}${path}|${path}>`;
+    const pageUrl = `<${urljoin(url, path)}|${path}>`;
     if (updateType == 'create') {
       text = `:rocket: ${user.username} created a new page! ${pageUrl}`;
     }
@@ -187,7 +189,7 @@ module.exports = function(crowi) {
 
   const getSlackMessageTextForComment = function(path, user) {
     const url = crowi.configManager.getSiteUrl();
-    const pageUrl = `<${url}${path}|${path}>`;
+    const pageUrl = `<${urljoin(url, path)}|${path}>`;
     const text = `:speech_balloon: ${user.username} commented on ${pageUrl}`;
 
     return text;