Merge branch 'master' of github.com:swagger-api/swagger-ui into ft/error-jump-to-line

dev-helpers/oauth2-redirect.html

@@ -8,6 +8,7 @@
     function run () {
         var oauth2 = window.opener.swaggerUIRedirectOauth2;
         var sentState = oauth2.state;
+        var redirectUrl = oauth2.redirectUrl;
         var isValid, qp, arr;
 
         qp = (window.location.hash || location.search).substring(1);
@@ -35,7 +36,7 @@
             if (qp.code) {
                 delete oauth2.state;
                 oauth2.auth.code = qp.code;
-                oauth2.callback(oauth2.auth);
+                oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
             } else {
                 oauth2.errCb({
                     authId: oauth2.auth.name,
@@ -45,9 +46,8 @@
                 });
             }
         } else {
-            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid});
+            oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
         }
         window.close();
     }
-
 </script>

dist/swagger-ui-bundle.js.map

@@ -1 +1 @@
-{"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AAyTA;;;;;;AAoIA;AAi7FA;AAmtCA;AAi0IA;AA0oJA;AAgwFA;AAmrGA;AA4lFA;AAioFA;AA09CA;AAwhDA;AAkrCA;AAu4EA;;;;;AAykCA;AAsyJA;;;;;;;;;;;;;;AA64EA;AA4mIA;AAquJA;AA2qHA;AA2mGA;AAiiEA;AAq4DA;AAg3DA;AAsdA;;;;;;AAgtFA;AA+4FA;;;;;AAw7CA;AA2qFA;AAw2CA;AAqkCA;AA+8CA;AA8/EA;AAo3FA;;;;;;;;;AA4nDA;AA2zIA;AAk4DA;AA8mDA","sourceRoot":""}
+{"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AAyTA;;;;;;AAoIA;AAi7FA;AAmtCA;AAi0IA;AA0oJA;AAgwFA;AAmrGA;AA4lFA;AAioFA;AA09CA;AAwhDA;AAkrCA;AAu4EA;;;;;AAykCA;AAsyJA;;;;;;;;;;;;;;AA64EA;AA4mIA;AAquJA;AA2qHA;AA2mGA;AAiiEA;AAq4DA;AAg3DA;AAsdA;;;;;;AAgtFA;AAq5FA;;;;;AAw7CA;AA2qFA;AAw2CA;AA2kCA;AA88CA;AAkgFA;AAk2FA;;;;;;;;;AA2pDA;AA2zIA;AAk4DA;AA8mDA","sourceRoot":""}

dist/swagger-ui.js.map

@@ -1 +1 @@
-{"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AA0yCA;AAoyHA;AA8xHA;AAokGA;AA+9BA;AA0hCA;AAujCA;AA65BA","sourceRoot":""}
+{"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AA0yCA;AAoyHA;AA8xHA;AA0kGA;AA+9BA;AA+iCA;AAmjCA;AA25BA","sourceRoot":""}

src/core/components/errors.jsx

@@ -41,10 +41,11 @@ export default class Errors extends React.Component {
         <Collapse isOpened={ isVisible } animated >
           <div className="errors">
             { sortedJSErrors.map((err, i) => {
-              if(err.get("type") === "thrown") {
+              let type = err.get("type")
+              if(type === "thrown" || type === "auth") {
                 return <ThrownErrorItem key={ i } error={ err.get("error") || err } jumpToLine={jumpToLine} />
               }
-              if(err.get("type") === "spec") {
+              if(type === "spec") {
                 return <SpecErrorItem key={ i } error={ err } jumpToLine={jumpToLine} />
               }
             }) }

src/core/oauth2-authorize.js

@@ -3,26 +3,35 @@ import { btoa } from "core/utils"
 
 export default function authorize ( { auth, authActions, errActions, configs, authConfigs={} } ) {
   let { schema, scopes, name, clientId } = auth
-
-  let { additionalQueryStringParams } = authConfigs
-  let redirectUrl = configs.oauth2RedirectUrl
-  let scopeSeparator = authConfigs.scopeSeparator || " "
-  let state = btoa(new Date())
   let flow = schema.get("flow")
-  let url
+  let query = []
 
-  if (flow === "password") {
+  switch (flow) {
+    case "password":
       authActions.authorizePassword(auth)
       return
-  }
 
-  if (flow === "application") {
+    case "application":
       authActions.authorizeApplication(auth)
       return
+
+    case "accessCode":
+      query.push("response_type=code")
+      break
+
+    case "implicit":
+      query.push("response_type=token")
+      break
   }
 
+  if (typeof clientId === "string") {
+    query.push("client_id=" + encodeURIComponent(clientId))
+  }
+
+  let redirectUrl = configs.oauth2RedirectUrl
+
   // todo move to parser
-  if ( !redirectUrl ) {
+  if (typeof redirectUrl === "undefined") {
     errActions.newAuthErr( {
       authId: name,
       source: "validation",
@@ -31,26 +40,38 @@ export default function authorize ( { auth, authActions, errActions, configs, au
     })
     return
   }
+  query.push("redirect_uri=" + encodeURIComponent(redirectUrl))
 
-  if (flow === "implicit" || flow === "accessCode") {
+  if (Array.isArray(scopes) && 0 < scopes.length) {
-    url = schema.get("authorizationUrl") + "?response_type=" + (flow === "implicit" ? "token" : "code")
+    let scopeSeparator = authConfigs.scopeSeparator || " "
+
+    query.push("scope=" + encodeURIComponent(scopes.join(scopeSeparator)))
   }
 
-  url += "&redirect_uri=" + encodeURIComponent(redirectUrl)
+  let state = btoa(new Date())
-      + "&realm=" + encodeURIComponent(authConfigs.realm);
+
-      + "&scope=" + encodeURIComponent(scopes.join(scopeSeparator))
+  query.push("state=" + encodeURIComponent(state))
-      + "&state=" + encodeURIComponent(state)
+
-      + "&client_id=" + encodeURIComponent(clientId)
+  if (typeof authConfigs.realm !== "undefined") {
+    query.push("realm=" + encodeURIComponent(authConfigs.realm))
+  }
+
+  let { additionalQueryStringParams } = authConfigs
 
   for (let key in additionalQueryStringParams) {
-    url += "&" + key + "=" + encodeURIComponent(additionalQueryStringParams[key])
+    if (typeof additionalQueryStringParams[key] !== "undefined") {
+      query.push([key, additionalQueryStringParams[key]].map(encodeURIComponent).join("="))
     }
+  }
+
+  let url = [schema.get("authorizationUrl"), query.join("&")].join("?")
 
   // pass action authorizeOauth2 and authentication data through window
   // to authorize with oauth2
   win.swaggerUIRedirectOauth2 = {
     auth: auth,
     state: state,
+    redirectUrl: redirectUrl,
     callback: flow === "implicit" ? authActions.preAuthorizeImplicit : authActions.authorizeAccessCode,
     errCb: errActions.newAuthErr
   }

src/core/plugins/auth/actions.js

@@ -82,9 +82,14 @@ export const authorizePassword = ( auth ) => ( { authActions } ) => {
     headers.Authorization = "Basic " + btoa(username + ":" + password)
   } else {
     Object.assign(form,  {username}, {password})
+
     if ( passwordType === "query") {
-      if ( clientId ) { query.client_id = clientId }
+      if ( clientId ) {
-      if ( clientSecret ) { query.client_secret = clientSecret }
+        query.client_id = clientId
+      }
+      if ( clientSecret ) {
+        query.client_secret = clientSecret
+      }
     } else {
       Object.assign(form, {client_id: clientId}, {client_secret: clientSecret})
     }
@@ -105,17 +110,17 @@ export const authorizeApplication = ( auth ) => ( { authActions } ) => {
   return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth })
 }
 
-export const authorizeAccessCode = ( auth ) => ( { authActions } ) => {
+export const authorizeAccessCode = ( { auth, redirectUrl } ) => ( { authActions } ) => {
   let { schema, name, clientId, clientSecret } = auth
   let form = {
     grant_type: "authorization_code",
     code: auth.code,
     client_id: clientId,
-   client_secret: clientSecret
+    client_secret: clientSecret,
+    redirect_uri: redirectUrl
   }
 
   return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth})
-
 }
 
 export const authorizeRequest = ( data ) => ( { fn, authActions, errActions, authSelectors } ) => {
@@ -174,7 +179,8 @@ export const authorizeRequest = ( data ) => ( { fn, authActions, errActions, aut
       level: "error",
       source: "auth",
       message: err.message
-      } ) })
+    } )
+  })
 }
 
 export function configureAuth(payload) {