Anna Bodnia
7 лет назад
7 измененных файлов: 73 добавлений и 120 удалений
-
+3 -35dist/oauth2-redirect.html
-
+4 -4dist/swagger-ui-bundle.js
-
+1 -1dist/swagger-ui-bundle.js.map
-
+8 -8dist/swagger-ui.js
-
+1 -1dist/swagger-ui.js.map
-
+1 -1src/core/oauth2-authorize.js
-
+55 -70src/core/plugins/auth/actions.js
+ 3
- 35
dist/oauth2-redirect.html
Просмотреть файл
| @@ -33,51 +33,19 @@ | |||
| if (qp.code) { | |||
| delete oauth2.state; | |||
| oauth2.auth.code = qp.code; | |||
| createForm(oauth2.auth, qp).submit(); | |||
| oauth2.callback(oauth2.auth); | |||
| } else { | |||
| oauth2.errCb({ | |||
| authId: oauth2.auth.name, | |||
| source: "auth", | |||
| level: "error", | |||
| message: "Authorization failed: no accessCode came from the server" | |||
| message: "Authorization failed: no accessCode received from the server" | |||
| }); | |||
| window.close(); | |||
| } | |||
| } else { | |||
| oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid}); | |||
| window.close(); | |||
| } | |||
| } | |||
| function createForm(auth, qp) { | |||
| var form = document.createElement("form"); | |||
| var schema = auth.schema; | |||
| var action = schema.get("tokenUrl"); | |||
| var name, input; | |||
| var fields = { | |||
| code: qp.code, | |||
| "redirect_uri": location.protocol + "//" + location.host + location.pathname, | |||
| "grant_type": "authorization_code", | |||
| "client_secret": auth.clientSecret, | |||
| "client_id": auth.clientId | |||
| } | |||
| for ( name in fields ) { | |||
| input = document.createElement("input"); | |||
| input.name = name; | |||
| input.value = fields[name]; | |||
| input.type = "hidden"; | |||
| form.appendChild(input); | |||
| } | |||
| form.method = "POST"; | |||
| form.action = action; | |||
| document.body.appendChild(form); | |||
| return form; | |||
| window.close(); | |||
| } | |||
| </script> | |||
+ 4
- 4
dist/swagger-ui-bundle.js
Разница между файлами не показана из-за своего большого размера
Просмотреть файл
+ 1
- 1
dist/swagger-ui-bundle.js.map
Просмотреть файл
| @@ -1 +1 @@ | |||
| {"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AA0dA;AAkoJA;AAyiCA;;;;;AAskCA;AAg2IA;AAu5GA;AAg1FA;AAwpEA;AAu+CA;AAs/CA;AA6rCA;AAu5EA;AA+5HA;;;;;;;;;;;;;;AA6wGA;AAyoIA;AAiuJA;AA8kHA;AAonGA;AAukEA;AA02DA;AA+2EA;AAuxGA;;;;;;AAu8EA;AA44FA;;;;;AAi5CA;AA2qFA;AAw2CA;AA2kCA;AAm/CA;AAwwEA;AAq8FA;;;;;;;;;AA82BA;AA2zIA;AAk4DA;AAolDA;;;;;;AA6kCA;AA8iHA;AAipGA","sourceRoot":""} | |||
| {"version":3,"file":"swagger-ui-bundle.js","sources":["webpack:///swagger-ui-bundle.js"],"mappings":"AAAA;AAu/FA;AA6+FA;;;;;;;;;;;;;;;;;;;;;;;;;;AA0dA;AAkoJA;AAyiCA;;;;;AAskCA;AAg2IA;AAu5GA;AAg1FA;AAwpEA;AAu+CA;AAs/CA;AA6rCA;AAu5EA;AA+5HA;;;;;;;;;;;;;;AA6wGA;AAyoIA;AAiuJA;AA8kHA;AAonGA;AAukEA;AA02DA;AA+2EA;AAuxGA;;;;;;AAu8EA;AA+3FA;;;;;AAw5CA;AA2qFA;AAw2CA;AAwkCA;AAs/CA;AAwwEA;AAq8FA;;;;;;;;;AA82BA;AA2zIA;AAk4DA;AAolDA;;;;;;AA6kCA;AA8iHA;AAipGA","sourceRoot":""} | |||
+ 8
- 8
dist/swagger-ui.js
Разница между файлами не показана из-за своего большого размера
Просмотреть файл
+ 1
- 1
dist/swagger-ui.js.map
Просмотреть файл
| @@ -1 +1 @@ | |||
| {"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AA0xCA;AAoyHA;AAuxHA;AAy4FA;AAktCA;AAmgCA;AA0iCA;AA+3BA","sourceRoot":""} | |||
| {"version":3,"file":"swagger-ui.js","sources":["webpack:///swagger-ui.js"],"mappings":"AAAA;;;;;;AA0xCA;AAoyHA;AAuxHA;AAy4FA;AA2sCA;AAmgCA;AA0iCA;AA+3BA","sourceRoot":""} | |||
+ 1
- 1
src/core/oauth2-authorize.js
Просмотреть файл
| @@ -45,7 +45,7 @@ export default function authorize ( auth, authActions, errActions, configs ) { | |||
| win.swaggerUIRedirectOauth2 = { | |||
| auth: auth, | |||
| state: state, | |||
| callback: authActions.preAuthorizeOauth2, | |||
| callback: flow === "implicit" ? authActions.preAuthorizeImplicit : authActions.authorizeAccessCode, | |||
| errCb: errActions.newAuthErr | |||
| } | |||
+ 55
- 70
src/core/plugins/auth/actions.js
Просмотреть файл
| @@ -31,7 +31,7 @@ export function logout(payload) { | |||
| } | |||
| } | |||
| export const preAuthorizeOauth2 = (payload) => ( { authActions, errActions } ) => { | |||
| export const preAuthorizeImplicit = (payload) => ( { authActions, errActions } ) => { | |||
| let { auth , token, isValid } = payload | |||
| let { schema, name } = auth | |||
| let flow = schema.get("flow") | |||
| @@ -70,35 +70,69 @@ export function authorizeOauth2(payload) { | |||
| export const authorizePassword = ( auth ) => ( { fn, authActions, errActions } ) => { | |||
| let { schema, name, username, password, passwordType, clientId, clientSecret } = auth | |||
| let credentials = { | |||
| let form = { | |||
| grant_type: "password", | |||
| scopes: encodeURIComponent(auth.scopes.join(scopeSeparator)) | |||
| } | |||
| let req = { | |||
| url: schema.get("tokenUrl"), | |||
| method: "post", | |||
| headers: { | |||
| "Content-Type": "application/x-www-form-urlencoded" | |||
| }, | |||
| query: {} | |||
| } | |||
| let query = {} | |||
| let headers = {} | |||
| if ( passwordType === "basic") { | |||
| req.headers.Authorization = "Basic " + btoa(username + ":" + password) | |||
| headers.Authorization = "Basic " + btoa(username + ":" + password) | |||
| } else { | |||
| credentials = Object.assign({}, credentials, {username} , {password}) | |||
| Object.assign(form, {username}, {password}) | |||
| if ( passwordType === "query") { | |||
| if ( clientId ) { req.query.client_id = clientId } | |||
| if ( clientSecret ) { req.query.client_secret = clientSecret } | |||
| if ( clientId ) { query.client_id = clientId } | |||
| if ( clientSecret ) { query.client_secret = clientSecret } | |||
| } else { | |||
| credentials = Object.assign({}, credentials, {client_id: clientId}, {client_secret: clientSecret}) | |||
| Object.assign(form, {client_id: clientId}, {client_secret: clientSecret}) | |||
| } | |||
| } | |||
| req.body = buildFormData(credentials) | |||
| return fn.fetch(req) | |||
| .then(( response ) => { | |||
| return authActions.authorizeRequest({ body: buildFormData(form), url: schema.get("tokenUrl"), name, headers, query, auth}) | |||
| } | |||
| export const authorizeApplication = ( auth ) => ( { fn, authActions, errActions } ) => { | |||
| let { schema, scopes, name, clientId, clientSecret } = auth | |||
| let form = { | |||
| grant_type: "client_credentials", | |||
| client_id: clientId, | |||
| client_secret: clientSecret, | |||
| scope: scopes.join(scopeSeparator) | |||
| } | |||
| return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth }) | |||
| } | |||
| export const authorizeAccessCode = ( auth ) => ( { fn, authActions } ) => { | |||
| let { schema, name, clientId, clientSecret } = auth | |||
| let form = { | |||
| grant_type: "authorization_code", | |||
| code: auth.code, | |||
| client_id: clientId, | |||
| client_secret: clientSecret | |||
| } | |||
| return authActions.authorizeRequest({body: buildFormData(form), name, url: schema.get("tokenUrl"), auth}) | |||
| } | |||
| export const authorizeRequest = ( data ) => ( { fn, authActions, errActions } ) => { | |||
| let { body, query={}, headers={}, name, url, auth } = data | |||
| let _headers = Object.assign({ | |||
| "Accept":"application/json, text/plain, */*", | |||
| "Content-Type": "application/x-www-form-urlencoded" | |||
| }, headers) | |||
| fn.fetch({ | |||
| url: url, | |||
| method: "post", | |||
| headers: _headers, | |||
| query: query, | |||
| body: body | |||
| }) | |||
| .then(function (response) { | |||
| let token = JSON.parse(response.data) | |||
| let error = token && ( token.error || "" ) | |||
| let parseError = token && ( token.parseError || "" ) | |||
| @@ -123,56 +157,7 @@ export const authorizePassword = ( auth ) => ( { fn, authActions, errActions } ) | |||
| return | |||
| } | |||
| authActions.authorizeOauth2({ auth, token }) | |||
| authActions.authorizeOauth2({ auth, token}) | |||
| }) | |||
| .catch(err => { errActions.newAuthErr( err ) }) | |||
| } | |||
| export const authorizeApplication = ( auth ) => ( { fn, authActions, errActions } ) => { | |||
| let { schema, scopes, name, clientId, clientSecret } = auth | |||
| let credentials = { | |||
| grant_type: "client_credentials", | |||
| client_id: clientId, | |||
| client_secret: clientSecret, | |||
| scope: scopes.join(scopeSeparator) | |||
| } | |||
| return fn.fetch({ | |||
| url: schema.get("tokenUrl"), | |||
| method: "post", | |||
| headers: { | |||
| "Accept":"application/json, text/plain, */*", | |||
| "Content-Type": "application/x-www-form-urlencoded" | |||
| }, | |||
| body: buildFormData(credentials) | |||
| }) | |||
| .then(function (response) { | |||
| let token = JSON.parse(response.data) | |||
| let error = token && ( token.error || "" ) | |||
| let parseError = token && ( token.parseError || "" ) | |||
| if ( !response.ok ) { | |||
| errActions.newAuthErr( { | |||
| authId: name, | |||
| level: "error", | |||
| source: "auth", | |||
| message: response.statusText | |||
| } ) | |||
| return | |||
| } | |||
| if ( error || parseError ) { | |||
| errActions.newAuthErr({ | |||
| authId: name, | |||
| level: "error", | |||
| source: "auth", | |||
| message: JSON.stringify(token) | |||
| }) | |||
| return | |||
| } | |||
| authActions.authorizeOauth2({ auth, token }) | |||
| }) | |||
| .catch(err => { errActions.newAuthErr( err ) }) | |||
| } | |||