Skip to content

Normalize OAuth API key to handle 0x prefixes #14094

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
rickyrombo merged 1 commit into from
Apr 10, 2026
+26 −16
Merged

Normalize OAuth API key to handle 0x prefixes #14094

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 10 additions & 6 deletions packages/mobile/src/screens/oauth-screen/hooks/useParsedParams.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,12 +26,16 @@ export const useParsedParams = (search: string): ParsedParams => {
} = queryString.parse(search)

const scope = collapseScope(rawScope)
const apiKey =
typeof api_key === 'string'
? api_key
: typeof client_id === 'string'
? client_id
: null
const apiKey = (() => {
const raw =
typeof api_key === 'string'
? api_key
: typeof client_id === 'string'
? client_id
: null
if (raw?.toLowerCase().startsWith('0x')) return raw.slice(2)
return raw
})()
const redirectUriStr = typeof redirectUri === 'string' ? redirectUri : null

let error: string | null = null
Expand Down
5 changes: 3 additions & 2 deletions packages/mobile/src/screens/oauth-screen/utils.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,9 @@ import { audiusSdk } from 'app/services/sdk/audius-sdk'
// ─── URL / key validation ─────────────────────────────────────────────────────

export const isValidApiKey = (key: string) => {
if (key.length !== 40) return false
return /^[0-9a-fA-F]+$/.test(key)
const normalized = key.toLowerCase().startsWith('0x') ? key.slice(2) : key
if (normalized.length !== 40) return false
return /^[0-9a-fA-F]+$/.test(normalized)
}

export const getIsRedirectValid = (
Expand Down
16 changes: 10 additions & 6 deletions packages/web/src/pages/oauth-login-page/hooks.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -75,12 +75,16 @@ const useParsedQueryParams = () => {

const scope = collapseScopes(rawScope)

const apiKey =
typeof api_key === 'string'
? api_key
: typeof client_id === 'string'
? client_id
: undefined
const apiKey = (() => {
const raw =
typeof api_key === 'string'
? api_key
: typeof client_id === 'string'
? client_id
: undefined
if (raw?.toLowerCase().startsWith('0x')) return raw.slice(2)
return raw
})()

const parsedRedirectUri = useMemo<'postmessage' | URL | null>(() => {
if (redirectUri && typeof redirectUri === 'string') {
Expand Down
5 changes: 3 additions & 2 deletions packages/web/src/pages/oauth-login-page/utils.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,11 +41,12 @@ export const getIsRedirectValid = ({

export const isValidApiKey = (key: string | string[]) => {
if (Array.isArray(key)) return false
if (key.length !== 40) {
const normalized = key.toLowerCase().startsWith('0x') ? key.slice(2) : key
if (normalized.length !== 40) {
return false
}
const hexadecimalRegex = /^[0-9a-fA-F]+$/
return hexadecimalRegex.test(key)
return hexadecimalRegex.test(normalized)
}

const getFormattedAppAddress = ({
Expand Down
Loading