Mercurial > gemma
annotate api/server/ui/oauth2-redirect.html @ 169:9fcfccb18b16
feat: Added draft version of API specification for server
Open API specification available under /api/server
UI version served with yarn swagger from client folder - port 5000
author | Thomas Junk <thomas.junk@intevation.de> |
---|---|
date | Tue, 10 Jul 2018 10:36:50 +0200 |
parents | |
children |
rev | line source |
---|---|
169
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
1 <!doctype html> |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
2 <html lang="en-US"> |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
3 <body onload="run()"> |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
4 </body> |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
5 </html> |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
6 <script> |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
7 'use strict'; |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
8 function run () { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
9 var oauth2 = window.opener.swaggerUIRedirectOauth2; |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
10 var sentState = oauth2.state; |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
11 var redirectUrl = oauth2.redirectUrl; |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
12 var isValid, qp, arr; |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
13 |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
14 if (/code|token|error/.test(window.location.hash)) { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
15 qp = window.location.hash.substring(1); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
16 } else { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
17 qp = location.search.substring(1); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
18 } |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
19 |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
20 arr = qp.split("&") |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
21 arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';}) |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
22 qp = qp ? JSON.parse('{' + arr.join() + '}', |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
23 function (key, value) { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
24 return key === "" ? value : decodeURIComponent(value) |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
25 } |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
26 ) : {} |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
27 |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
28 isValid = qp.state === sentState |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
29 |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
30 if (( |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
31 oauth2.auth.schema.get("flow") === "accessCode"|| |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
32 oauth2.auth.schema.get("flow") === "authorizationCode" |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
33 ) && !oauth2.auth.code) { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
34 if (!isValid) { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
35 oauth2.errCb({ |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
36 authId: oauth2.auth.name, |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
37 source: "auth", |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
38 level: "warning", |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
39 message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server" |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
40 }); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
41 } |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
42 |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
43 if (qp.code) { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
44 delete oauth2.state; |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
45 oauth2.auth.code = qp.code; |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
46 oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl}); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
47 } else { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
48 let oauthErrorMsg |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
49 if (qp.error) { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
50 oauthErrorMsg = "["+qp.error+"]: " + |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
51 (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") + |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
52 (qp.error_uri ? "More info: "+qp.error_uri : ""); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
53 } |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
54 |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
55 oauth2.errCb({ |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
56 authId: oauth2.auth.name, |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
57 source: "auth", |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
58 level: "error", |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
59 message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server" |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
60 }); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
61 } |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
62 } else { |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
63 oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl}); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
64 } |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
65 window.close(); |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
66 } |
9fcfccb18b16
feat: Added draft version of API specification for server
Thomas Junk <thomas.junk@intevation.de>
parents:
diff
changeset
|
67 </script> |