From a50dfca667f9ab517a3033957ed7204ca1abee45 Mon Sep 17 00:00:00 2001 From: Giteabot Date: Wed, 19 Jul 2023 00:35:16 -0400 Subject: [PATCH] Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled (#25947) (#25972) Backport #25947 by @wolfogre Since OAuth2 will callback the root URL, if the user starts signing in from a wrong host, Gitea will return 500 because it cannot find the session.
How to reproduce image image
So show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled. image Co-authored-by: Jason Song (cherry picked from commit 037a3f0d8c1a8142d8cd36b6b9d50bf13df9197d)
---
 web_src/js/features/admin/common.js | 1 -
 web_src/js/features/common-global.js | 2 +-
 web_src/js/features/user-auth.js | 3 +++
 3 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/web_src/js/features/admin/common.js b/web_src/js/features/admin/common.js
index b6b192a296..250608069b 100644
--- a/web_src/js/features/admin/common.js
+++ b/web_src/js/features/admin/common.js
@@ -10,7 +10,6 @@ export function initAdminCommon() {
 }
 // check whether appUrl(ROOT_URL) is correct, if not, show an error message
- // only admin pages need this check because most templates are using relative URLs now
 checkAppUrl();
 // New user
diff --git a/web_src/js/features/common-global.js b/web_src/js/features/common-global.js
index b621c9ba00..bcc097a89a 100644
--- a/web_src/js/features/common-global.js
+++ b/web_src/js/features/common-global.js
@@ -373,5 +373,5 @@ export function checkAppUrl() {
 return;
 }
 showGlobalErrorMessage(`Your ROOT_URL in app.ini is "${appUrl}", it's unlikely matching the site you are visiting.
-Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification.`);
+Mismatched ROOT_URL config causes wrong URL links for web UI/mail content/webhook notification/OAuth2 sign-in.`);
 }
diff --git a/web_src/js/features/user-auth.js b/web_src/js/features/user-auth.js
index e3ce4e56e4..af380dcfc7 100644
--- a/web_src/js/features/user-auth.js
+++ b/web_src/js/features/user-auth.js
@@ -1,10 +1,13 @@
 import $ from 'jquery';
+import {checkAppUrl} from './common-global.js';
 export function initUserAuthOauth2() {
 const outer = document.getElementById('oauth2-login-navigator');
 if (!outer) return;
 const inner = document.getElementById('oauth2-login-navigator-inner');
+ checkAppUrl();
+
 for (const link of outer.querySelectorAll('.oauth-login-link')) {
 link.addEventListener('click', () => {
 inner.classList.add('gt-invisible');
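Review bot: The added `checkAppUrl();` call in initUserAuthOauth2 carries no comment saying why the sign-in page needs the ROOT_URL check, while the same commit deletes the admin-side comment that explained the check's scope. I would add above the call: `// OAuth2 providers call back to ROOT_URL; a sign-in started from another host has no session there, so warn before the user picks a provider`. The warning text in common-global.js addresses the administrator and prints the configured ROOT_URL from app.ini, and this call now shows it to unauthenticated visitors when the check fails, so it is worth confirming that this exposure and wording are intended. The function body continues past the end of the hunk.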