WIP respond to RPC
This commit is contained in:
parent
d015e66f17
commit
be9e8852b8
|
@ -965,7 +965,7 @@
|
|||
}
|
||||
|
||||
// TODO params should have response_type indicating json, binary, etc
|
||||
var result = JSON.parse(OAUTH3._base64.decodeUrlSafe(params.result || params.directives));
|
||||
var result = JSON.parse(OAUTH3._base64.decodeUrlSafe(params.data || params.result || params.directives));
|
||||
// caller will call OAUTH3.hooks.directives.set(providerUri, directives);
|
||||
return result;
|
||||
});
|
||||
|
|
|
@ -20,74 +20,20 @@
|
|||
// TODO what about search within hash?
|
||||
var prefix = "(" + window.location.hostname + ") [.well-known/oauth3/]";
|
||||
var params = OAUTH3.query.parse(window.location.hash || window.location.search);
|
||||
if (params.debug) {
|
||||
console.warn(prefix, "DEBUG MODE ENABLED. Automatic redirects disabled.");
|
||||
}
|
||||
|
||||
console.log(prefix, 'hash||search:');
|
||||
console.log(window.location.hash || window.location.search);
|
||||
|
||||
console.log(prefix, 'params:');
|
||||
console.log(params);
|
||||
|
||||
var fileWhiteList = [
|
||||
"directives.json"
|
||||
, "scopes.json" ];
|
||||
|
||||
//Serving arbitrary files/paths is probably not a good idea.
|
||||
//Let's make sure this is something we want to serve.
|
||||
if(fileWhiteList.indexOf(params.discoverFile) === -1) {
|
||||
//Nope!
|
||||
var redirect = params.redirect_uri + '?' + OAUTH3.query.stringify({
|
||||
state: params.state
|
||||
, error: "No access to requested file: " + params.discoverFile
|
||||
, error_code: "E_ACCESS_DENIED"
|
||||
, debug: params.debug || undefined
|
||||
});
|
||||
|
||||
console.error(prefix, "Requested file is not listed as a discoverable file:"
|
||||
, fileWhiteList);
|
||||
console.log("Redirecting with error: ", redirect)
|
||||
|
||||
if (!params.debug) {
|
||||
window.location = redirect;
|
||||
} else {
|
||||
// yes, we're violating the security lint with purpose
|
||||
document.body.innerHTML += window.location.host + window.location.pathname
|
||||
+ '<br/><br/>You\'ve passed the \'debug\' parameter so we\'re pausing'
|
||||
+ ' to let you look at logs or whatever it is that you intended to do.'
|
||||
+ '<br/><br/>The requested file was not a discoverable file (see console for details).'
|
||||
+ '<br/><br/>Continue with error redirect: <a href="' + redirect + '">' + redirect + '</' + 'a>';
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
OAUTH3.request({ url: params.discoverfile }).then(function (resp) {
|
||||
var urlsafe64 = OAUTH3._base64.encodeUrlSafe(JSON.stringify(resp.data, null, 0));
|
||||
var urlsafe64;
|
||||
var redirect;
|
||||
var returnParams;
|
||||
var err;
|
||||
var oldRpc;
|
||||
var sub = params.sub || params.subject;
|
||||
var subData;
|
||||
|
||||
console.log(prefix, 'file contents');
|
||||
console.log(resp);
|
||||
|
||||
console.log(prefix, 'base64');
|
||||
console.log(urlsafe64);
|
||||
|
||||
// TODO try postMessage back to redirect_uri domain right here
|
||||
// window.postMessage();
|
||||
|
||||
// TODO make sure it's https NOT http
|
||||
// NOTE: this can be only up to 2,083 characters
|
||||
function doRedirect(redirect) {
|
||||
if (params.debug) {
|
||||
console.log(prefix, 'params.redirect_uri:', params.redirect_uri);
|
||||
redirect = params.redirect_uri + '?' + OAUTH3.query.stringify({
|
||||
state: params.state
|
||||
, directives: urlsafe64 //kept for now, probably should remove this.
|
||||
, result: urlsafe64
|
||||
, debug: params.debug || undefined
|
||||
})
|
||||
|
||||
console.log(prefix, 'redirect');
|
||||
console.log(redirect);
|
||||
}
|
||||
|
||||
if (!params.debug) {
|
||||
window.location = redirect;
|
||||
} else {
|
||||
|
@ -97,6 +43,93 @@
|
|||
+ ' to let you look at logs or whatever it is that you intended to do.'
|
||||
+ '<br/><br/>Continue with redirect: <a href="' + redirect + '">' + redirect + '</' + 'a>';
|
||||
}
|
||||
}
|
||||
|
||||
function onError(err) {
|
||||
var redirect = params.redirect_uri + '?' + OAUTH3.query.stringify({
|
||||
state: params.state
|
||||
, error: err.code
|
||||
, error_description: err.message
|
||||
, error_uri: err.uri
|
||||
, debug: params.debug || undefined
|
||||
});
|
||||
|
||||
doRedirect(redirect);
|
||||
}
|
||||
|
||||
function onSuccess(urlsafe64, hasSub) {
|
||||
if (params.debug) {
|
||||
console.log(prefix, 'directives');
|
||||
console.log(resp);
|
||||
|
||||
console.log(prefix, 'base64');
|
||||
console.log(urlsafe64);
|
||||
}
|
||||
|
||||
// TODO try postMessage back to redirect_uri domain right here
|
||||
// window.postMessage();
|
||||
|
||||
// TODO SECURITY make sure it's https NOT http
|
||||
// NOTE: this can be only up to 2,083 characters
|
||||
redirect = params.redirect_uri + '?' + OAUTH3.query.stringify({
|
||||
state: params.state
|
||||
, directives: oldRpc ? urlsafe64 : undefined
|
||||
, data: !oldRpc ? urlsafe64 : undefined
|
||||
, sub: hasSub && sub || undefined
|
||||
, debug: params.debug || undefined
|
||||
});
|
||||
|
||||
doRedirect(redirect);
|
||||
}
|
||||
|
||||
if (params.debug) {
|
||||
console.warn(prefix, "DEBUG MODE ENABLED. Automatic redirects disabled.");
|
||||
|
||||
console.log(prefix, 'hash||search:');
|
||||
console.log(window.location.hash || window.location.search);
|
||||
|
||||
console.log(prefix, 'params:');
|
||||
console.log(params);
|
||||
}
|
||||
|
||||
if ('rpc' !== params.response_type) {
|
||||
err = new Error("response_type '" + params.response_type + "' is not supported");
|
||||
err.code = "E_RESPONSE_TYPE";
|
||||
// TODO err.uri
|
||||
onError(err);
|
||||
return;
|
||||
}
|
||||
|
||||
if (params.action) {
|
||||
oldRpc = true;
|
||||
}
|
||||
|
||||
if (/localstorage/i.test(params._scheme)) {
|
||||
if (sub) {
|
||||
subData = localStorage.getItem(sub + '@oauth3.org:issuer');
|
||||
onSuccess(subData || localStorage.getItem('oauth3.org:issuer'), subData && true);
|
||||
return;
|
||||
}
|
||||
onSuccess(localStorage.getItem('oauth3.org:issuer'));
|
||||
return;
|
||||
}
|
||||
|
||||
var fileWhiteList = [
|
||||
'.well-known/oauth3/directives.json'
|
||||
, '.well-known/oauth3/scopes.json'
|
||||
];
|
||||
|
||||
if (-1 === fileWhiteList.indexOf(params._pathname)) {
|
||||
err = new Error("No access to requested file: " + params._pathname);
|
||||
err.code = "E_ACCESS_DENIED"
|
||||
// TODO err.uri
|
||||
onError(err);
|
||||
}
|
||||
|
||||
OAUTH3.request({ url: 'directives.json' }).then(function (resp) {
|
||||
urlsafe64 = OAUTH3._base64.encodeUrlSafe(JSON.stringify(resp.data, null, 0));
|
||||
|
||||
onSuccess(urlsafe64);
|
||||
});
|
||||
|
||||
}());
|
||||
|
|
Loading…
Reference in New Issue