OAuth2 Login opens in new browser window #19400

Closed
firlevapz opened this issue Feb 10, 2020 · 2 comments · Fixed by #19646

firlevapz commented Feb 10, 2020

Steps to reproduce

  1. Enable Nextcloud as OAuth2 provider for rocket.chat
  2. Install the rocket.chat desktop application (on any platform) and configure it to log in to Nextcloud via OAuth2
  3. Login does not work, as the desktop application tries to open an external window and fails with the following error message: "Access Forbidden State token does not match"

Expected behaviour

The OAuth2 Login from the rocket.chat desktop-app should work

Actual behaviour

The external browser window opens (out of the rocket.chat app) with an error message.
This is because the rocket.chat app opens links with absolute URLs in a new window, i.e. the external browser window.

Server configuration

Operating system:
Ubuntu-18.04
Web server:
Nginx
Database:
mysql
PHP version:

Nextcloud version: (see Nextcloud admin page)
16.0.8 (also in 17.0.3)
Updated from an older Nextcloud/ownCloud or fresh install:
from snap
Where did you install Nextcloud from:
snap

Proposed Solution

In core/templates/loginflow/authpicker.php, change this line:

 	<p id="redirect-link">
-		<a href="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLogin.grantPage', ['stateToken' => $_['stateToken'], 'clientIdentifier' => $_['clientIdentifier'], 'oauthState' => $_['oauthState']])) ?>">
+		<a href="<?php p($urlGenerator->linkToRoute('core.ClientFlowLogin.grantPage', ['stateToken' => $_['stateToken'], 'clientIdentifier' => $_['clientIdentifier'], 'oauthState' => $_['oauthState']])) ?>">
 			<input type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Log in')) ?>">
 		</a>
 	</p>
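
Review bot: On the changed `<a href=...>` line, nothing in the template records why `linkToRoute` is used instead of `linkToRouteAbsolute`, so a later cleanup could switch it back and reintroduce the "State token does not match" failure. Add a short template comment stating that the grant link is kept relative so embedded clients that hand absolute URLs to an external browser stay in the window that started the flow. Because the link no longer carries the host part, it is also worth confirming that it still resolves correctly on instances served from a subdirectory or behind a reverse proxy before merging.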

I've tested the solution and it solves the problem. Are there any drawbacks to this? Otherwise I'd open a pull request for it.

firlevapz added the "0. Needs triage" and "bug" labels Feb 10, 2020
firlevapz changed the title from "OAuth2 Login open" to "OAuth2 Login opens in new browser window" Feb 10, 2020

holzhannes commented Feb 15, 2020

Issue in Rocket.Chat Repository: RocketChat/Rocket.Chat.Electron#1251

@firlevapz

I've just created a PR for it. The proposed solution works for my setup, but I'm not sure if it breaks something else: #19646
