mirror of
https://github.com/1f349/lavender.git
synced 2024-12-22 07:34:06 +00:00
Fix correct redirection after login flow, and update test client
This commit is contained in:
parent
861d55f6a9
commit
0c668253a8
@ -17,6 +17,7 @@
|
||||
</div>
|
||||
<div>
|
||||
<form method="POST" action="/login">
|
||||
<input type="hidden" name="redirect" value="{{.Redirect}}"/>
|
||||
<input type="hidden" name="loginname" value="{{.LoginName}}"/>
|
||||
<button type="submit">Continue</button>
|
||||
</form>
|
||||
|
@ -10,6 +10,7 @@
|
||||
</header>
|
||||
<main>
|
||||
<form method="POST" action="/login">
|
||||
<input type="hidden" name="redirect" value="{{.Redirect}}"/>
|
||||
<div>
|
||||
<label for="field_loginname">Login Name:</label>
|
||||
<input type="text" name="loginname" id="field_loginname" required/>
|
||||
|
@ -33,11 +33,13 @@ func (h *HttpServer) loginGet(rw http.ResponseWriter, req *http.Request, _ httpr
|
||||
pages.RenderPageTemplate(rw, "login-memory", map[string]any{
|
||||
"ServiceName": h.conf.ServiceName,
|
||||
"LoginName": cookie.Value,
|
||||
"Redirect": req.URL.Query().Get("redirect"),
|
||||
})
|
||||
return
|
||||
}
|
||||
pages.RenderPageTemplate(rw, "login", map[string]any{
|
||||
"ServiceName": h.conf.ServiceName,
|
||||
"Redirect": req.URL.Query().Get("redirect"),
|
||||
})
|
||||
}
|
||||
|
||||
@ -85,7 +87,7 @@ func (h *HttpServer) loginPost(rw http.ResponseWriter, req *http.Request, _ http
|
||||
|
||||
// save state for use later
|
||||
state := login.Config.Namespace + ":" + uuid.NewString()
|
||||
h.flowState.Set(state, flowStateData{login}, time.Now().Add(15*time.Minute))
|
||||
h.flowState.Set(state, flowStateData{login, req.PostFormValue("redirect")}, time.Now().Add(15*time.Minute))
|
||||
|
||||
// generate oauth2 config and redirect to authorize URL
|
||||
oa2conf := login.OAuth2Config
|
||||
@ -135,6 +137,9 @@ func (h *HttpServer) loginCallback(rw http.ResponseWriter, req *http.Request, _
|
||||
http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
|
||||
return
|
||||
}
|
||||
if flowState.redirect != "" {
|
||||
req.Form.Set("redirect", flowState.redirect)
|
||||
}
|
||||
h.SafeRedirect(rw, req)
|
||||
}
|
||||
|
||||
|
@ -42,6 +42,7 @@ type HttpServer struct {
|
||||
|
||||
type flowStateData struct {
|
||||
sso *issuer.WellKnownOIDC
|
||||
redirect string
|
||||
}
|
||||
|
||||
func NewHttpServer(conf Conf, db *database.DB, signingKey mjwt.Signer) *http.Server {
|
||||
|
@ -6,24 +6,17 @@
|
||||
<script>
|
||||
const ssoService = "http://localhost:9090";
|
||||
|
||||
POP2.init(ssoService + "/authorize", "bc36b32c-83cb-404e-8736-cb207f30afe3", "openid profile", 500, 600);
|
||||
POP2.init(ssoService + "/authorize", "f4cdb93d-fe28-427b-b037-f03f44c86a16", "openid profile", 500, 600);
|
||||
|
||||
function updateTokenInfo(data) {
|
||||
document.getElementById("someTextArea").textContent = JSON.stringify(data, null, 2);
|
||||
}
|
||||
|
||||
function parseJwt(token) {
|
||||
const base64Url = token.split('.')[1];
|
||||
const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
|
||||
const jsonPayload = decodeURIComponent(window.atob(base64).split('').map(function (c) {
|
||||
return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
|
||||
}).join(''));
|
||||
return JSON.parse(jsonPayload);
|
||||
}
|
||||
|
||||
function doThisThing() {
|
||||
POP2.clientRequest(ssoService + "/userinfo", {}, true).then(function (x) {
|
||||
console.log(x);
|
||||
return x.json();
|
||||
}).then(function (x) {
|
||||
updateTokenInfo(x);
|
||||
}).catch(function (x) {
|
||||
console.error(x);
|
||||
});
|
||||
|
@ -139,20 +139,21 @@
|
||||
options.headers['Authorization'] = 'Bearer ' + access_token;
|
||||
return new Promise(function (res, rej) {
|
||||
fetch(resource, options).then(function (x) {
|
||||
if (x.statusCode >= 200 && x.statusCode < 300) res(x);
|
||||
if (x.status >= 200 && x.status < 300) res(x);
|
||||
else rej(x);
|
||||
}).catch(function (x) {
|
||||
rej(x);
|
||||
rej(["failed to send request", x]);
|
||||
});
|
||||
});
|
||||
};
|
||||
const resendRequest = function () {
|
||||
return new Promise(function (res, rej) {
|
||||
access_token = undefined;
|
||||
w.POP2.getToken(function () {
|
||||
sendRequest().then(function (x) {
|
||||
res(x);
|
||||
}).catch(function (x) {
|
||||
rej(x);
|
||||
rej(["failed to resend request", x]);
|
||||
});
|
||||
});
|
||||
});
|
||||
|
Loading…
Reference in New Issue
Block a user