From ffe7cf3fbb4e62d7689065cf7b61f25f602ce8cf Mon Sep 17 00:00:00 2001
From: David Luecke <daff@neyeon.com>
Date: Mon, 11 Nov 2019 08:50:30 -0800
Subject: [PATCH] fix(authentication-oauth): Allow hash based redirects (#1676)

---
 packages/authentication-oauth/src/strategy.ts       | 3 ++-
 packages/authentication-oauth/test/strategy.test.ts | 5 +++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/packages/authentication-oauth/src/strategy.ts b/packages/authentication-oauth/src/strategy.ts
index cf4ef9dbda..e5ca187db9 100644
--- a/packages/authentication-oauth/src/strategy.ts
+++ b/packages/authentication-oauth/src/strategy.ts
@@ -79,7 +79,8 @@ export class OAuthStrategy extends AuthenticationBaseStrategy {
       return null;
     }
 
-    const separator = redirect.endsWith('?') ? '' : '#';
+    const separator = redirect.endsWith('?') ? '' :
+      (redirect.indexOf('#') !== -1 ? '?' : '#');
     const authResult: AuthenticationResult = data;
     const query = authResult.accessToken ? {
       access_token: authResult.accessToken
diff --git a/packages/authentication-oauth/test/strategy.test.ts b/packages/authentication-oauth/test/strategy.test.ts
index 9217a0f1ed..8a52190cf5 100644
--- a/packages/authentication-oauth/test/strategy.test.ts
+++ b/packages/authentication-oauth/test/strategy.test.ts
@@ -39,6 +39,11 @@ describe('@feathersjs/authentication-oauth/strategy', () => {
 
     redirect = await strategy.getRedirect({ accessToken: 'testing' });
     assert.equal(redirect, null);
+
+    app.get('authentication').oauth.redirect = '/#dashboard';
+
+    redirect = await strategy.getRedirect({ accessToken: 'testing' });
+    assert.equal(redirect, '/#dashboard?access_token=testing');
   });
 
   it('getProfile', async () => {