Fix: handlebars oauth2_success, http_client, url

src/api/admin.rs

@@ -1,6 +1,6 @@
 use data_encoding::BASE64URL_NOPAD;
 use once_cell::sync::Lazy;
-use percent_encoding::{percent_encode, NON_ALPHANUMERIC};
+use url::Url;
 use reqwest::Method;
 use serde::de::DeserializeOwned;
 use serde_json::Value;
@@ -371,15 +371,20 @@ fn oauth2_authorize(_token: AdminToken) -> Result<Redirect, Error> {
     // Construct redirect URI
     let redirect_uri = format!("{}/admin/oauth2/callback", CONFIG.domain());
 
-    // Build authorization URL
+    // Build authorization URL using url crate to ensure proper encoding
-    let auth_url = format!(
+    let mut url = Url::parse(&auth_url).map_err(|e| Error::new("Invalid OAuth2 Authorization URL", e.to_string()))?;
-        "{}?client_id={}&redirect_uri={}&response_type=code&scope={}&state={}&access_type=offline&prompt=consent",
+    {
-        auth_url,
+        let mut qp = url.query_pairs_mut();
-        percent_encode(client_id.as_bytes(), NON_ALPHANUMERIC),
+        qp.append_pair("client_id", &client_id);
-        percent_encode(redirect_uri.as_bytes(), NON_ALPHANUMERIC),
+        qp.append_pair("redirect_uri", &redirect_uri);
-        percent_encode(scopes.as_bytes(), NON_ALPHANUMERIC),
+        qp.append_pair("response_type", "code");
-        percent_encode(state.as_bytes(), NON_ALPHANUMERIC)
+        qp.append_pair("scope", &scopes);
-    );
+        qp.append_pair("state", &state);
+        qp.append_pair("access_type", "offline");
+        qp.append_pair("prompt", "consent");
+    }
+
+    let auth_url = url.to_string();
 
     Ok(Redirect::to(auth_url))
 }
@@ -432,9 +437,7 @@ async fn oauth2_callback(params: OAuth2CallbackParams) -> Result<Html<String>, E
         ("client_secret", &client_secret),
     ];
 
-    let client = reqwest::Client::new();
+    let response = make_http_request(Method::POST, &token_url)?
-    let response = client
-        .post(&token_url)
         .form(&form_params)
         .send()
         .await
@@ -460,29 +463,14 @@ async fn oauth2_callback(params: OAuth2CallbackParams) -> Result<Html<String>, E
     .map_err(|e| Error::new("ConfigBuilder serialization error", e.to_string()))?;
     CONFIG.update_config_partial(config_builder).await?;
 
-    // Return success page
+    // Return success page via template
-    let success_html = format!(
+    let json = json!({
-        r#"<!DOCTYPE html>
+        "page_content": "admin/oauth2_success",
-<html>
+        "admin_url": admin_url(),
-<head>
+        "urlpath": CONFIG.domain_path(),
-    <title>OAuth2 Authorization Successful</title>
+    });
-    <style>
+    let text = CONFIG.render_template(BASE_TEMPLATE, &json)?;
-        body {{ font-family: Arial, sans-serif; margin: 50px; }}
+    Ok(Html(text))
-        .success {{ color: green; font-size: 18px; margin-bottom: 20px; }}
-        .token {{ background: #f0f0f0; padding: 10px; border-radius: 5px; word-break: break-all; }}
-    </style>
-</head>
-<body>
-    <h1>✓ OAuth2 Authorization Successful!</h1>
-    <p class="success">The refresh token has been saved to your configuration.</p>
-    <p>You can now close this window and return to the admin panel.</p>
-    <p><a href="{}">Return to Admin Settings</a></p>
-</body>
-</html>"#,
-        admin_url()
-    );
-
-    Ok(Html(success_html))
 }
 
 #[get("/logout")]

src/config.rs

@@ -1732,6 +1732,7 @@ where
     reg!("admin/users");
     reg!("admin/organizations");
     reg!("admin/diagnostics");
+    reg!("admin/oauth2_success");
 
     reg!("404");
 

src/mail.rs

@@ -24,6 +24,8 @@ use crate::{
     CONFIG,
 };
 
+use crate::http_client::make_http_request;
+
 // OAuth2 Token structures
 #[derive(Debug, Clone, Serialize, Deserialize)]
 pub struct OAuth2Token {
@@ -54,9 +56,7 @@ pub async fn refresh_oauth2_token() -> Result<OAuth2Token, Error> {
         ("client_secret", &client_secret),
     ];
 
-    let client = reqwest::Client::new();
+    let response = make_http_request(reqwest::Method::POST, &token_url)?
-    let response = client
-        .post(&token_url)
         .form(&form_params)
         .send()
         .await

src/static/templates/admin/oauth2_success.hbs

@@ -0,0 +1,10 @@
+<main class="container-xl">
+    <div class="alert alert-success mt-5" role="alert">
+        <h4 class="alert-heading">OAuth2 Authorization Successful</h4>
+        <p>The refresh token has been saved to your configuration.</p>
+        <hr>
+        <p class="mb-0">
+            <a href="{{admin_url}}" class="btn btn-primary">Return to Admin Settings</a>
+        </p>
+    </div>
+</main>