kyy/swagger-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(auth): both array and Im.List scopes can be added to redirectURL (#6416)

Browse Source
This commit is contained in:
dalbrx-forcam
2020-09-22 19:47:37 +02:00
committed by GitHub
parent 6b12f1507a
commit 95fd3e71ab
2 changed files with 39 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/core/oauth2-authorize.js
View File

@@ -1,4 +1,5 @@
import win from "core/window"
import Im from "immutable"
import { btoa, sanitizeUrl, generateCodeVerifier, createCodeChallenge } from "core/utils"
export default function authorize ( { auth, authActions, errActions, configs, authConfigs={} } ) {
@@ -52,10 +53,17 @@ export default function authorize ( { auth, authActions, errActions, configs, au
}
query.push("redirect_uri=" + encodeURIComponent(redirectUrl))
if (Array.isArray(scopes) && 0 < scopes.length) {
let scopesArray = []
if (Array.isArray(scopes)) {
scopesArray = scopes
} else if (Im.List.isList(scopes)) {
scopesArray = scopes.toArray()
}
if (scopesArray.length > 0) {
let scopeSeparator = authConfigs.scopeSeparator || " "
query.push("scope=" + encodeURIComponent(scopes.join(scopeSeparator)))
query.push("scope=" + encodeURIComponent(scopesArray.join(scopeSeparator)))
}
let state = btoa(new Date())

38
test/unit/core/oauth2-authorize.js
View File

@@ -1,5 +1,6 @@
import win from "core/window"
import Im from "immutable"
import oauth2Authorize from "core/oauth2-authorize"
import * as utils from "core/utils"
@@ -11,10 +12,18 @@ describe("oauth2", () => {
}
let authConfig = {
auth: { schema: { get: (key)=> mockSchema[key] } },
authActions: {},
errActions: {},
configs: { oauth2RedirectUrl: "" },
auth: { schema: { get: (key)=> mockSchema[key] }, scopes: ["scope1", "scope2"] },
authActions: {},
errActions: {},
configs: { oauth2RedirectUrl: "" },
authConfigs: {}
}
let authConfig2 = {
auth: { schema: { get: (key)=> mockSchema[key] }, scopes: Im.List(["scope2","scope3"]) },
authActions: {},
errActions: {},
configs: { oauth2RedirectUrl: "" },
authConfigs: {}
}
@@ -27,7 +36,7 @@ describe("oauth2", () => {
const windowOpenSpy = jest.spyOn(win, "open")
oauth2Authorize(authConfig)
expect(windowOpenSpy.mock.calls.length).toEqual(1)
expect(windowOpenSpy.mock.calls[0][0]).toMatch("https://testAuthorizationUrl?response_type=code&redirect_uri=&state=")
expect(windowOpenSpy.mock.calls[0][0]).toMatch("https://testAuthorizationUrl?response_type=code&redirect_uri=&scope=scope1%20scope2&state=")
windowOpenSpy.mockReset()
})
@@ -37,8 +46,8 @@ describe("oauth2", () => {
mockSchema.authorizationUrl = "https://testAuthorizationUrl?param=1"
oauth2Authorize(authConfig)
expect(windowOpenSpy.mock.calls.length).toEqual(1)
expect(windowOpenSpy.mock.calls[0][0]).toMatch("https://testAuthorizationUrl?param=1&response_type=code&redirect_uri=&state=")
expect(windowOpenSpy.mock.calls[0][0]).toMatch("https://testAuthorizationUrl?param=1&response_type=code&redirect_uri=&scope=scope1%20scope2&state=")
windowOpenSpy.mockReset()
})
@@ -48,7 +57,7 @@ describe("oauth2", () => {
const expectedCodeVerifier = "mock_code_verifier"
const expectedCodeChallenge = "mock_code_challenge"
const generateCodeVerifierSpy = jest.spyOn(utils, "generateCodeVerifier").mockImplementation(() => expectedCodeVerifier)
const createCodeChallengeSpy = jest.spyOn(utils, "createCodeChallenge").mockImplementation(() => expectedCodeChallenge)
@@ -72,6 +81,17 @@ describe("oauth2", () => {
windowOpenSpy.mockReset()
generateCodeVerifierSpy.mockReset()
createCodeChallengeSpy.mockReset()
})
})
it("should add list of scopes to authorizeUrl", () => {
const windowOpenSpy = jest.spyOn(win, "open")
mockSchema.authorizationUrl = "https://testAuthorizationUrl?param=1"
oauth2Authorize(authConfig2)
expect(windowOpenSpy.mock.calls.length).toEqual(1)
expect(windowOpenSpy.mock.calls[0][0]).toMatch("https://testAuthorizationUrl?param=1&response_type=code&redirect_uri=&scope=scope2%20scope3&state=")
windowOpenSpy.mockReset()
})
})
})