From b58344faf1d2740fa023fd87f85b0a1957d2ca4c Mon Sep 17 00:00:00 2001
From: Doug <douglase@element.io>
Date: Tue, 6 May 2025 15:18:11 +0100
Subject: [PATCH] Forward the login_hint upstream.

---
 .gitignore                                       |  8 ++++++++
 crates/handlers/src/upstream_oauth2/authorize.rs | 11 ++++++++++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 2f7896d1d..1046cc35a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,9 @@
+# Rust
 target/
+
+# Editors
+.idea
+.nova
+
+# OS garbage
+.DS_Store
diff --git a/crates/handlers/src/upstream_oauth2/authorize.rs b/crates/handlers/src/upstream_oauth2/authorize.rs
index bf1d76182..d656ee1d8 100644
--- a/crates/handlers/src/upstream_oauth2/authorize.rs
+++ b/crates/handlers/src/upstream_oauth2/authorize.rs
@@ -12,7 +12,7 @@ use hyper::StatusCode;
 use mas_axum_utils::{cookies::CookieJar, record_error};
 use mas_data_model::UpstreamOAuthProvider;
 use mas_oidc_client::requests::authorization_code::AuthorizationRequestData;
-use mas_router::UrlBuilder;
+use mas_router::{PostAuthAction, UrlBuilder};
 use mas_storage::{
     BoxClock, BoxRepository, BoxRng,
     upstream_oauth2::{UpstreamOAuthProviderRepository, UpstreamOAuthSessionRepository},
@@ -92,6 +92,15 @@ pub(crate) async fn get(
         data = data.with_response_mode(response_mode.into());
     }
 
+    // Forward the raw login hint upstream for the provider to handle however it sees fit
+    if let Some(post_auth_action) = &query.post_auth_action {
+        if let PostAuthAction::ContinueAuthorizationGrant { id } = post_auth_action {
+            if let Some(grant) = repo.oauth2_authorization_grant().lookup(*id).await? {
+                data.login_hint = grant.login_hint;
+            }
+        }
+    }
+
     let data = if let Some(methods) = lazy_metadata.pkce_methods().await? {
         data.with_code_challenge_methods_supported(methods)
     } else {