File indexing completed on 2024-04-14 05:48:09 

0001 <!--
0002   ~
0003   ~   ocs-apiserver
0004   ~
0005   ~   Copyright 2016 by pling GmbH.
0006   ~
0007   ~    This file is part of ocs-apiserver.
0008   ~
0009   ~    This program is free software: you can redistribute it and/or modify
0010   ~    it under the terms of the GNU Affero General Public License as
0011   ~    published by the Free Software Foundation, either version 3 of the
0012   ~    License, or (at your option) any later version.
0013   ~
0014   ~    This program is distributed in the hope that it will be useful,
0015   ~    but WITHOUT ANY WARRANTY; without even the implied warranty of
0016   ~    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
0017   ~    GNU Affero General Public License for more details.
0018   ~
0019   ~    You should have received a copy of the GNU Affero General Public License
0020   ~    along with this program.  If not, see <http://www.gnu.org/licenses/>.
0021   ~
0022   -->
0023 
0024 <!doctype html>
0025 <html lang="en-US">
0026 <title>Swagger UI: OAuth2 Redirect</title>
0027 <body onload="run()">
0028 </body>
0029 </html>
0030 <script>
0031     'use strict';
0032     function run () {
0033         var oauth2 = window.opener.swaggerUIRedirectOauth2;
0034         var sentState = oauth2.state;
0035         var redirectUrl = oauth2.redirectUrl;
0036         var isValid, qp, arr;
0037 
0038         if (/code|token|error/.test(window.location.hash)) {
0039             qp = window.location.hash.substring(1);
0040         } else {
0041             qp = location.search.substring(1);
0042         }
0043 
0044         arr = qp.split("&")
0045         arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';})
0046         qp = qp ? JSON.parse('{' + arr.join() + '}',
0047             function (key, value) {
0048                 return key === "" ? value : decodeURIComponent(value)
0049             }
0050         ) : {}
0051 
0052         isValid = qp.state === sentState
0053 
0054         if ((
0055             oauth2.auth.schema.get("flow") === "accessCode"||
0056             oauth2.auth.schema.get("flow") === "authorizationCode"
0057         ) && !oauth2.auth.code) {
0058             if (!isValid) {
0059                 oauth2.errCb({
0060                     authId: oauth2.auth.name,
0061                     source: "auth",
0062                     level: "warning",
0063                     message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
0064                 });
0065             }
0066 
0067             if (qp.code) {
0068                 delete oauth2.state;
0069                 oauth2.auth.code = qp.code;
0070                 oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
0071             } else {
0072                 let oauthErrorMsg
0073                 if (qp.error) {
0074                     oauthErrorMsg = "["+qp.error+"]: " +
0075                         (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
0076                         (qp.error_uri ? "More info: "+qp.error_uri : "");
0077                 }
0078 
0079                 oauth2.errCb({
0080                     authId: oauth2.auth.name,
0081                     source: "auth",
0082                     level: "error",
0083                     message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server"
0084                 });
0085             }
0086         } else {
0087             oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
0088         }
0089         window.close();
0090     }
0091 </script>