diff options
Diffstat (limited to 'apiroute/apiroute-service/src/main/resources/api-doc/oauth2-redirect.html')
-rw-r--r-- | apiroute/apiroute-service/src/main/resources/api-doc/oauth2-redirect.html | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/apiroute/apiroute-service/src/main/resources/api-doc/oauth2-redirect.html b/apiroute/apiroute-service/src/main/resources/api-doc/oauth2-redirect.html new file mode 100644 index 0000000..00c7f01 --- /dev/null +++ b/apiroute/apiroute-service/src/main/resources/api-doc/oauth2-redirect.html @@ -0,0 +1,53 @@ +<!doctype html> +<html lang="en-US"> +<body onload="run()"> +</body> +</html> +<script> + 'use strict'; + function run () { + var oauth2 = window.opener.swaggerUIRedirectOauth2; + var sentState = oauth2.state; + var redirectUrl = oauth2.redirectUrl; + var isValid, qp, arr; + + qp = (window.location.hash || location.search).substring(1); + + arr = qp.split("&") + arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';}) + qp = qp ? JSON.parse('{' + arr.join() + '}', + function (key, value) { + return key === "" ? value : decodeURIComponent(value) + } + ) : {} + + isValid = qp.state === sentState + + if (oauth2.auth.schema.get("flow") === "accessCode" && !oauth2.auth.code) { + if (!isValid) { + oauth2.errCb({ + authId: oauth2.auth.name, + source: "auth", + level: "warning", + message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server" + }); + } + + if (qp.code) { + delete oauth2.state; + oauth2.auth.code = qp.code; + oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl}); + } else { + oauth2.errCb({ + authId: oauth2.auth.name, + source: "auth", + level: "error", + message: "Authorization failed: no accessCode received from the server" + }); + } + } else { + oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl}); + } + window.close(); + } +</script> |