refactor: simplify target host resolution and remove explicit host handling

- Eliminated the explicitHost parameter from the TargetResolutionInput interface and related functions.
- Updated the OAuth callback processing to streamline target host resolution, relying solely on tenant slug.
- Adjusted the GatewayStatePayload to remove targetHost, enhancing clarity in state management.

Signed-off-by: Innei <tukon479@gmail.com>

be/apps/oauth-gateway/src/index.ts

@@ -3,7 +3,7 @@ import { serve } from '@hono/node-server'
 import { Hono } from 'hono'
 
 import { gatewayConfig } from './config'
-import { buildForwardLocation, resolveTargetHost, sanitizeExplicitHost, sanitizeTenantSlug } from './resolver'
+import { buildForwardLocation, resolveTargetHost, sanitizeTenantSlug } from './resolver'
 
 const app = new Hono()
 
@@ -43,7 +43,6 @@ callbackRouter.all('/:provider', (c) => {
 
   const targetHost = resolveTargetHost(gatewayConfig, {
     tenantSlug,
-    explicitHost: sanitizeExplicitHost(decodedState?.targetHost),
   })
   if (!targetHost) {
     return c.json({ error: 'unresolvable_host', message: 'Unable to resolve target tenant host.' }, 400)

be/apps/oauth-gateway/src/resolver.ts

@@ -2,7 +2,6 @@ import type { GatewayConfig } from './config'
 
 export interface TargetResolutionInput {
   tenantSlug?: string | null
-  explicitHost?: string | null
 }
 
 const SLUG_PATTERN = /^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$/i
@@ -39,10 +38,6 @@ export function sanitizeExplicitHost(host: string | null | undefined): string |
 }
 
 export function resolveTargetHost(config: GatewayConfig, input: TargetResolutionInput): string | null {
-  if (input.explicitHost) {
-    return input.explicitHost
-  }
-
   const slug = input.tenantSlug
   if (slug && slug !== config.rootSlug) {
     return `${slug}.${config.baseDomain}`

be/packages/utils/src/oauth-state.ts

@@ -3,7 +3,6 @@ import { createHmac, timingSafeEqual } from 'node:crypto'
 export interface GatewayStatePayload {
   innerState: string
   tenantSlug: string | null
-  targetHost?: string | null
   issuedAt: number
   expiresAt: number
 }
@@ -12,7 +11,7 @@ export interface EncodeGatewayStateOptions {
   secret: string
   tenantSlug: string | null
   innerState: string
-  targetHost?: string | null
+
   ttlMs?: number
 }
 
@@ -50,12 +49,11 @@ function safeCompare(a: string, b: string): boolean {
  * route the callback without hard-coding tenant slugs in redirect URIs.
  */
 export function encodeGatewayState(options: EncodeGatewayStateOptions): string {
-  const { secret, tenantSlug, innerState, targetHost, ttlMs = DEFAULT_TTL_MS } = options
+  const { secret, tenantSlug, innerState, ttlMs = DEFAULT_TTL_MS } = options
   const now = Date.now()
   const payload: GatewayStatePayload = {
     innerState,
     tenantSlug,
-    targetHost: targetHost ?? null,
     issuedAt: now,
     expiresAt: now + ttlMs,
   }