kyy/swagger-ui
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #2992 from bodnia/fix-2844

Browse Source 
#2844 fix accessCode flow
This commit is contained in:
Anna
2017-04-27 18:06:12 +02:00
committed by GitHub
parent 210b20eea8 87a23c7c9e
commit a7c90e2d77
7 changed files with 74 additions and 121 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
dist/oauth2-redirect.html vendored
View File

@@ -33,51 +33,19 @@
if (qp.code) {
delete oauth2.state;
oauth2.auth.code = qp.code;
createForm(oauth2.auth, qp).submit();
oauth2.callback(oauth2.auth);
} else {
oauth2.errCb({
authId: oauth2.auth.name,
source: "auth",
level: "error",
message: "Authorization failed: no accessCode came from the server"
message: "Authorization failed: no accessCode received from the server"
});
window.close();
}
} else {
oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid});
window.close();
}
}
function createForm(auth, qp) {
var form = document.createElement("form");
var schema = auth.schema;
var action = schema.get("tokenUrl");
var name, input;
var fields = {
code: qp.code,
"redirect_uri": location.protocol + "//" + location.host + location.pathname,
"grant_type": "authorization_code",
"client_secret": auth.clientSecret,
"client_id": auth.clientId
}
for ( name in fields ) {
input = document.createElement("input");
input.name = name;
input.value = fields[name];
input.type = "hidden";
form.appendChild(input);
}
form.method = "POST";
form.action = action;
document.body.appendChild(form);
return form;
window.close();
}
</script>

8
dist/swagger-ui-bundle.js vendored
View File

File diff suppressed because one or more lines are too long

2
dist/swagger-ui-bundle.js.map vendored
View File

@@ -1 +1 @@
{"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AA0dA;AAkoJA;AAyiCA;;;;;AAskCA;AAg2IA;AAu5GA;AAg1FA;AAwpEA;AAu+CA;AAs/CA;AA6rCA;AAu5EA;AA+5HA;;;;;;;;;;;;;;AA6wGA;AAyoIA;AAiuJA;AA8kHA;AAonGA;AAukEA;AA02DA;AA+2EA;AAuxGA;;;;;;AAu8EA;AA44FA;;;;;AAi5CA;AA2qFA;AAw2CA;AA2kCA;AAm/CA;AAwwEA;AAq8FA;;;;;;;;;AA82BA;AA2zIA;AAk4DA;AAolDA;;;;;;AA6kCA;AA8iHA;AAipGA","sourceRoot":""}
{"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AA0dA;AAkoJA;AAyiCA;;;;;AAskCA;AAg2IA;AAu5GA;AAg1FA;AAwpEA;AAu+CA;AAs/CA;AA6rCA;AAu5EA;AA+5HA;;;;;;;;;;;;;;AA6wGA;AAyoIA;AAiuJA;AA8kHA;AAonGA;AAukEA;AA02DA;AA+2EA;AAuxGA;;;;;;AAu8EA;AA23FA;;;;;AAm5CA;AA2qFA;AAw2CA;AAwkCA;AAs/CA;AAwwEA;AAq8FA;;;;;;;;;AA82BA;AA2zIA;AAk4DA;AAolDA;;;;;;AA6kCA;AA8iHA;AAipGA","sourceRoot":""}

16
dist/swagger-ui.js vendored
View File

File diff suppressed because one or more lines are too long

2
dist/swagger-ui.js.map vendored
View File

@@ -1 +1 @@
{"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AA0xCA;AAoyHA;AAuxHA;AAy4FA;AAktCA;AAmgCA;AA0iCA;AA+3BA","sourceRoot":""}
{"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AA0xCA;AAoyHA;AAuxHA;AAy4FA;AAmsCA;AAmgCA;AA0iCA;AA+3BA","sourceRoot":""}

2
src/core/oauth2-authorize.js
View File

@@ -45,7 +45,7 @@ export default function authorize ( auth, authActions, errActions, configs ) {
win.swaggerUIRedirectOauth2 = {
auth: auth,
state: state,
callback: authActions.preAuthorizeOauth2,
callback: flow === "implicit" ? authActions.preAuthorizeImplicit : authActions.authorizeAccessCode,
errCb: errActions.newAuthErr
}

127
src/core/plugins/auth/actions.js
View File

@@ -31,7 +31,7 @@ export function logout(payload) {
}
}
export const preAuthorizeOauth2 = (payload) => ( { authActions, errActions } ) => {
export const preAuthorizeImplicit = (payload) => ( { authActions, errActions } ) => {
let { auth , token, isValid } = payload
let { schema, name } = auth
let flow = schema.get("flow")
@@ -68,37 +68,71 @@ export function authorizeOauth2(payload) {
}
}
export const authorizePassword = ( auth ) => ( { fn, authActions, errActions } ) => {
export const authorizePassword = ( auth ) => ( { authActions } ) => {
let { schema, name, username, password, passwordType, clientId, clientSecret } = auth
let credentials = {
let form = {
grant_type: "password",
scopes: encodeURIComponent(auth.scopes.join(scopeSeparator))
}
let req = {
url: schema.get("tokenUrl"),
method: "post",
headers: {
"Content-Type": "application/x-www-form-urlencoded"
},
query: {}
}
let query = {}
let headers = {}
if ( passwordType === "basic") {
req.headers.Authorization = "Basic " + btoa(username + ":" + password)
headers.Authorization = "Basic " + btoa(username + ":" + password)
} else {
credentials = Object.assign({}, credentials, {username} , {password})
Object.assign(form, {username}, {password})
if ( passwordType === "query") {
if ( clientId ) { req.query.client_id = clientId }
if ( clientSecret ) { req.query.client_secret = clientSecret }
if ( clientId ) { query.client_id = clientId }
if ( clientSecret ) { query.client_secret = clientSecret }
} else {
credentials = Object.assign({}, credentials, {client_id: clientId}, {client_secret: clientSecret})
Object.assign(form, {client_id: clientId}, {client_secret: clientSecret})
}
}
req.body = buildFormData(credentials)
return fn.fetch(req)
.then(( response ) => {
return authActions.authorizeRequest({ body: buildFormData(form), url: schema.get("tokenUrl"), name, headers, query, auth})
}
export const authorizeApplication = ( auth ) => ( { authActions } ) => {
let { schema, scopes, name, clientId, clientSecret } = auth
let form = {
grant_type: "client_credentials",
client_id: clientId,
client_secret: clientSecret,
scope: scopes.join(scopeSeparator)
}
return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth })
}
export const authorizeAccessCode = ( auth ) => ( { authActions } ) => {
let { schema, name, clientId, clientSecret } = auth
let form = {
grant_type: "authorization_code",
code: auth.code,
client_id: clientId,
client_secret: clientSecret
}
return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth})
}
export const authorizeRequest = ( data ) => ( { fn, authActions, errActions } ) => {
let { body, query={}, headers={}, name, url, auth } = data
let _headers = Object.assign({
"Accept":"application/json, text/plain, */*",
"Content-Type": "application/x-www-form-urlencoded"
}, headers)
fn.fetch({
url: url,
method: "post",
headers: _headers,
query: query,
body: body
})
.then(function (response) {
let token = JSON.parse(response.data)
let error = token && ( token.error || "" )
let parseError = token && ( token.parseError || "" )
@@ -123,56 +157,7 @@ export const authorizePassword = ( auth ) => ( { fn, authActions, errActions } )
return
}
authActions.authorizeOauth2({ auth, token })
authActions.authorizeOauth2({ auth, token})
})
.catch(err => { errActions.newAuthErr( err ) })
}
export const authorizeApplication = ( auth ) => ( { fn, authActions, errActions } ) => {
let { schema, scopes, name, clientId, clientSecret } = auth
let credentials = {
grant_type: "client_credentials",
client_id: clientId,
client_secret: clientSecret,
scope: scopes.join(scopeSeparator)
}
return fn.fetch({
url: schema.get("tokenUrl"),
method: "post",
headers: {
"Accept":"application/json, text/plain, */*",
"Content-Type": "application/x-www-form-urlencoded"
},
body: buildFormData(credentials)
})
.then(function (response) {
let token = JSON.parse(response.data)
let error = token && ( token.error || "" )
let parseError = token && ( token.parseError || "" )
if ( !response.ok ) {
errActions.newAuthErr( {
authId: name,
level: "error",
source: "auth",
message: response.statusText
} )
return
}
if ( error || parseError ) {
errActions.newAuthErr({
authId: name,
level: "error",
source: "auth",
message: JSON.stringify(token)
})
return
}
authActions.authorizeOauth2({ auth, token })
})
.catch(err => { errActions.newAuthErr( err ) })
}