Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 1 | <!doctype html> |
| 2 | <html lang="en-US"> |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 3 | <head> |
| 4 | <title>Swagger UI: OAuth2 Redirect</title> |
| 5 | </head> |
| 6 | <body> |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 7 | <script> |
| 8 | 'use strict'; |
| 9 | function run () { |
| 10 | var oauth2 = window.opener.swaggerUIRedirectOauth2; |
| 11 | var sentState = oauth2.state; |
| 12 | var redirectUrl = oauth2.redirectUrl; |
| 13 | var isValid, qp, arr; |
| 14 | |
| 15 | if (/code|token|error/.test(window.location.hash)) { |
| 16 | qp = window.location.hash.substring(1); |
| 17 | } else { |
| 18 | qp = location.search.substring(1); |
| 19 | } |
| 20 | |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 21 | arr = qp.split("&"); |
| 22 | arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';}); |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 23 | qp = qp ? JSON.parse('{' + arr.join() + '}', |
| 24 | function (key, value) { |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 25 | return key === "" ? value : decodeURIComponent(value); |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 26 | } |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 27 | ) : {}; |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 28 | |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 29 | isValid = qp.state === sentState; |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 30 | |
| 31 | if (( |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 32 | oauth2.auth.schema.get("flow") === "accessCode" || |
| 33 | oauth2.auth.schema.get("flow") === "authorizationCode" || |
| 34 | oauth2.auth.schema.get("flow") === "authorization_code" |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 35 | ) && !oauth2.auth.code) { |
| 36 | if (!isValid) { |
| 37 | oauth2.errCb({ |
| 38 | authId: oauth2.auth.name, |
| 39 | source: "auth", |
| 40 | level: "warning", |
| 41 | message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server" |
| 42 | }); |
| 43 | } |
| 44 | |
| 45 | if (qp.code) { |
| 46 | delete oauth2.state; |
| 47 | oauth2.auth.code = qp.code; |
| 48 | oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl}); |
| 49 | } else { |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 50 | let oauthErrorMsg; |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 51 | if (qp.error) { |
| 52 | oauthErrorMsg = "["+qp.error+"]: " + |
| 53 | (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") + |
| 54 | (qp.error_uri ? "More info: "+qp.error_uri : ""); |
| 55 | } |
| 56 | |
| 57 | oauth2.errCb({ |
| 58 | authId: oauth2.auth.name, |
| 59 | source: "auth", |
| 60 | level: "error", |
| 61 | message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server" |
| 62 | }); |
| 63 | } |
| 64 | } else { |
| 65 | oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl}); |
| 66 | } |
| 67 | window.close(); |
| 68 | } |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 69 | |
| 70 | window.addEventListener('DOMContentLoaded', function () { |
| 71 | run(); |
| 72 | }); |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 73 | </script> |
Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 74 | </body> |
| 75 | </html> |