Does no show consent screen on subdomains of NSS

Author: jaxoncreed

lib/requests/consent-request.js

@@ -66,11 +66,13 @@ class ConsentRequest extends AuthRequest {
   static async get (req, res) {
     const request = ConsentRequest.fromParams(req, res)
 
-    const appOrigin = request.getAppOrigin()
+    const appUrl = request.getAppUrl()
+    const appOrigin = `${appUrl.protocol}//${appUrl.host}`
+    const serverUrl = url.parse(req.app.locals.ldp.serverUri)
     // Check if is already registered or is data browser
     if (request.isUserLoggedIn()) {
       if (
-        appOrigin === req.app.locals.ldp.serverUri ||
+        (appUrl && appUrl.host.includes(serverUrl.host) && appUrl.protocol === serverUrl.protocol) ||
         await request.isAppRegistered(req.app.locals.ldp, appOrigin, request.session.subject._id)
       ) {
         request.setUserConsent(appOrigin)
@@ -101,7 +103,8 @@ class ConsentRequest extends AuthRequest {
     let request = ConsentRequest.fromParams(req, res)
 
     if (request.isUserLoggedIn()) {
-      const appOrigin = request.getAppOrigin()
+      const appUrl = request.getAppUrl()
+      const appOrigin = `${appUrl.protocol}//${appUrl.host}`
       debug('Providing consent for app sharing')
 
       if (consented) {
@@ -133,9 +136,8 @@ class ConsentRequest extends AuthRequest {
     return true
   }
 
-  getAppOrigin () {
-    const parsed = url.parse(this.authQueryParams.redirect_uri)
-    return `${parsed.protocol}//${parsed.host}`
+  getAppUrl () {
+    return url.parse(this.authQueryParams.redirect_uri)
   }
 
   async getProfileGraph (ldp, webId) {