oauth2-redirect.html 2.6 KB

  1. <!doctype html>
  2. <html lang="en-US">
  3. <head>
  4. <title>Swagger UI: OAuth2 Redirect</title>
  5. </head>
  6. <body>
  7. <script>
  8. 'use strict';
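  /**
   * Handle the OAuth2 redirect inside the popup window.
   *
   * Reads the authorization response from the URL fragment (when the fragment
   * mentions "code", "token" or "error") or from the query string otherwise,
   * compares the returned `state` with the one stored on
   * `window.opener.swaggerUIRedirectOauth2`, hands the outcome to that
   * object's `callback` / `errCb`, and finally closes the popup.
   *
   * Every value parsed from the URL is untrusted: anyone who can make the
   * browser load this page chooses it.
   */
  function run () {
    var parentWindow = window.opener;
    // Opened directly (no opener) or without the hand-off object: there is
    // nobody to report to, so stop instead of throwing a TypeError.
    if (!parentWindow || !parentWindow.swaggerUIRedirectOauth2) {
      return;
    }

    var oauth2 = parentWindow.swaggerUIRedirectOauth2;
    var sentState = oauth2.state;
    var redirectUrl = oauth2.redirectUrl;
    var isValid, qp;

    /**
     * Parse "a=1&b=2" into an object of decoded values.
     *
     * Splits each pair on its first "=" only. Keys are kept as-is and values
     * are passed through decodeURIComponent, with later duplicates winning.
     * Unlike building a JSON string from the raw input, this cannot be broken
     * by quotes or backslashes in a value, by empty segments, or by a
     * parameter that has no "=".
     */
    function parseParams (raw) {
      var params = {};
      if (!raw) {
        return params;
      }
      raw.split("&").forEach(function (pair) {
        if (!pair) {
          return;
        }
        var eq = pair.indexOf("=");
        var key = eq === -1 ? pair : pair.substring(0, eq);
        var rawValue = eq === -1 ? "" : pair.substring(eq + 1);
        var value;
        try {
          value = decodeURIComponent(rawValue);
        } catch (e) {
          // Malformed percent-encoding: keep the raw text rather than abort,
          // so the opener still gets a result and the popup still closes.
          value = rawValue;
        }
        // defineProperty always creates an own data property, so a key such
        // as "__proto__" cannot reach the prototype setter.
        Object.defineProperty(params, key, {
          value: value,
          writable: true,
          enumerable: true,
          configurable: true
        });
      });
      return params;
    }

    if (/code|token|error/.test(window.location.hash)) {
      qp = window.location.hash.substring(1);
    } else {
      qp = location.search.substring(1);
    }
    qp = parseParams(qp);

    isValid = qp.state === sentState;

    var flow = oauth2.auth.schema.get("flow");
    var isCodeFlow = flow === "accessCode" ||
      flow === "authorizationCode" ||
      flow === "authorization_code";

    if (isCodeFlow && !oauth2.auth.code) {
      if (!isValid) {
        // NOTE(review): a state mismatch only raises a warning here; the code
        // below is still forwarded to the opener. `state` is the CSRF defence
        // for the redirect, so confirm whether this path should abort instead.
        oauth2.errCb({
          authId: oauth2.auth.name,
          source: "auth",
          level: "warning",
          message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
        });
      }

      if (qp.code) {
        delete oauth2.state;
        oauth2.auth.code = qp.code;
        oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
      } else {
        let oauthErrorMsg;
        if (qp.error) {
          // error, error_description and error_uri are copied from the URL
          // unchanged; the opener should render this message as text, not as
          // HTML (verify in the consumer).
          oauthErrorMsg = "["+qp.error+"]: " +
            (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
            (qp.error_uri ? "More info: "+qp.error_uri : "");
        }

        oauth2.errCb({
          authId: oauth2.auth.name,
          source: "auth",
          level: "error",
          message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server"
        });
      }
    } else {
      // Other flows: pass the parsed response on together with the state
      // check result; acting on `isValid` is left to the opener's callback.
      oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
    }
    window.close();
  }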
  // Start right away when the document has already been parsed; while it is
  // still loading, defer until DOMContentLoaded fires.
  if (document.readyState === 'loading') {
    document.addEventListener('DOMContentLoaded', function () {
      run();
    });
  } else {
    run();
  }
  70. </script>
  71. </body>
  72. </html>