aboutsummaryrefslogtreecommitdiff
path: root/swagger-ui/oauth2-redirect.html
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--swagger-ui/oauth2-redirect.html67
1 files changed, 67 insertions, 0 deletions
diff --git a/swagger-ui/oauth2-redirect.html b/swagger-ui/oauth2-redirect.html
new file mode 100644
index 0000000..fb68399
--- /dev/null
+++ b/swagger-ui/oauth2-redirect.html
@@ -0,0 +1,67 @@
+<!doctype html>
+<html lang="en-US">
+<body onload="run()">
+</body>
+</html>
+<script>
+ 'use strict';
+ function run () {
+ var oauth2 = window.opener.swaggerUIRedirectOauth2;
+ var sentState = oauth2.state;
+ var redirectUrl = oauth2.redirectUrl;
+ var isValid, qp, arr;
+
+ if (/code|token|error/.test(window.location.hash)) {
+ qp = window.location.hash.substring(1);
+ } else {
+ qp = location.search.substring(1);
+ }
+
+ arr = qp.split("&")
+ arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';})
+ qp = qp ? JSON.parse('{' + arr.join() + '}',
+ function (key, value) {
+ return key === "" ? value : decodeURIComponent(value)
+ }
+ ) : {}
+
+ isValid = qp.state === sentState
+
+ if ((
+ oauth2.auth.schema.get("flow") === "accessCode"||
+ oauth2.auth.schema.get("flow") === "authorizationCode"
+ ) && !oauth2.auth.code) {
+ if (!isValid) {
+ oauth2.errCb({
+ authId: oauth2.auth.name,
+ source: "auth",
+ level: "warning",
+ message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
+ });
+ }
+
+ if (qp.code) {
+ delete oauth2.state;
+ oauth2.auth.code = qp.code;
+ oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
+ } else {
+ let oauthErrorMsg
+ if (qp.error) {
+ oauthErrorMsg = "["+qp.error+"]: " +
+ (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
+ (qp.error_uri ? "More info: "+qp.error_uri : "");
+ }
+
+ oauth2.errCb({
+ authId: oauth2.auth.name,
+ source: "auth",
+ level: "error",
+ message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server"
+ });
+ }
+ } else {
+ oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
+ }
+ window.close();
+ }
+</script>