From 243912080f659913047dee77e9501cf3275eba85 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iv=C3=A1n=20Oliva=20Reglero?=
Date: Thu, 27 Jul 2023 16:10:06 +0200
Subject: [PATCH] Decode back possible Base64-encoded state in responseHandler

In PR #658 the property base64_state was added, to force the state param to be base64-encoded instead of URI encoded. That makes the state impossible to decode when the flow returns to the calling page, so we detect if the returned state is in base64 and decode it accordingly if so, first of all.
---
 src/hello.js | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/hello.js b/src/hello.js
index a310208e..7b75646b 100644
--- a/src/hello.js
+++ b/src/hello.js
@@ -1303,6 +1303,14 @@ hello.utils.extend(hello.utils, {
 // Is this an auth relay message which needs to call the proxy?
 p = _this.param(location.search);
+ // Decode back possible Base64-encoded state
+ if (p && p.state) {
+ const base64regex = /^([0-9a-zA-Z+/]{4})*(([0-9a-zA-Z+/]{2}==)|([0-9a-zA-Z+/]{3}=))?$/;
+ if (base64regex.test(p.state)) {
+ p.state = window.atob(p.state);
+ }
+ }
+
 // OAuth2 or OAuth1 server response?
 if (p && p.state && (p.code || p.oauth_token)) {
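Review bot: The added `if (base64regex.test(p.state))` block decides whether to decode by sniffing the value of `state`, which comes straight from `location.search` and is therefore chosen by whoever built the URL. A plain state that happens to be a multiple of four characters from `[0-9a-zA-Z+/]` is silently rewritten, while base64 that arrives unpadded, in the URL-safe alphabet, or (depending on how `_this.param` decodes) with `+` turned into a space is left encoded. It would be safer to accept the decoded form only when it is what the following code expects, e.g. `try { var decoded = window.atob(p.state); JSON.parse(decoded); p.state = decoded; } catch (e) { /* keep state as received */ }` if the state is JSON; the consumer is outside the hunk, so confirm. `atob` also returns a byte string, so non-ASCII characters in the original state will not round-trip unless the encoding side is ASCII-only. The block covers only `location.search`; if responseHandler also reads `state` from the fragment further down, that path would need the same handling.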