From 3bae0b0900bd16ce5747d8f23e28b975ce1c7cce Mon Sep 17 00:00:00 2001
From: Tim Otten <totten@civicrm.org>
Date: Wed, 28 Oct 2020 17:08:29 -0700
Subject: [PATCH] dev/core#2141 - Update 'oauth2.league' to respect setting
 'oauthClientRedirectUrl'

---
 ext/oauth-client/CRM/OAuth/BAO/OAuthClient.php  | 11 +++++++++++
 .../Civi/OAuth/OAuthLeagueFacade.php            |  2 +-
 .../settings/OAuthClient.setting.php            | 17 +++++++++++++++++
 3 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 ext/oauth-client/settings/OAuthClient.setting.php

diff --git a/ext/oauth-client/CRM/OAuth/BAO/OAuthClient.php b/ext/oauth-client/CRM/OAuth/BAO/OAuthClient.php
index cc96ff399f..e7a0f537fc 100644
--- a/ext/oauth-client/CRM/OAuth/BAO/OAuthClient.php
+++ b/ext/oauth-client/CRM/OAuth/BAO/OAuthClient.php
@@ -59,4 +59,15 @@ class CRM_OAuth_BAO_OAuthClient extends CRM_OAuth_DAO_OAuthClient {
     return Civi::$statics[__FUNCTION__];
   }
 
+  /**
+   * Determine the "redirect_uri". When using authorization-code flow, the
+   * OAuth2 provider will redirect back to our "redirect_uri".
+   *
+   * @return string
+   */
+  public static function getRedirectUri() {
+    return \Civi::settings()->get('oauthClientRedirectUrl') ?:
+      \CRM_Utils_System::url('civicrm/oauth-client/return', NULL, TRUE, NULL, FALSE);
+  }
+
 }
diff --git a/ext/oauth-client/Civi/OAuth/OAuthLeagueFacade.php b/ext/oauth-client/Civi/OAuth/OAuthLeagueFacade.php
index bcb3390255..49f50b9707 100644
--- a/ext/oauth-client/Civi/OAuth/OAuthLeagueFacade.php
+++ b/ext/oauth-client/Civi/OAuth/OAuthLeagueFacade.php
@@ -36,7 +36,7 @@ class OAuthLeagueFacade {
     $localOptions['clientId'] = $clientDef['guid'];
     $localOptions['clientSecret'] = $clientDef['secret'];
     // NOTE: If we ever have frontend users, this may need to change.
-    $localOptions['redirectUri'] = \CRM_Utils_System::url('civicrm/oauth-client/return', NULL, TRUE, NULL, FALSE);
+    $localOptions['redirectUri'] = \CRM_OAuth_BAO_OAuthClient::getRedirectUri();
     $options = array_merge(
       $providerDef['options'] ?? [],
       $clientDef['options'] ?? [],
diff --git a/ext/oauth-client/settings/OAuthClient.setting.php b/ext/oauth-client/settings/OAuthClient.setting.php
new file mode 100644
index 0000000000..9bcffb2f0c
--- /dev/null
+++ b/ext/oauth-client/settings/OAuthClient.setting.php
@@ -0,0 +1,17 @@
+<?php
+return [
+  'oauthClientRedirectUrl' => [
+    'group_name' => 'Developer Preferences',
+    'group' => 'developer',
+    'name' => 'fatalErrorHandler',
+    'type' => 'String',
+    'quick_form_type' => 'Element',
+    'html_type' => 'text',
+    'default' => NULL,
+    'add' => '5.32',
+    'title' => ts('Redirect URL'),
+    'is_domain' => 1,
+    'is_contact' => 0,
+    'description' => ts('Override the redirect URL for OAuth2 requests. This is an absolute URL which should be equivalent to "civicrm/oauth-client/return".'),
+  ],
+];
-- 
2.25.1