Fix test client not using refresh endpoint properly

2024-09-19 10:06:48 +01:00 · 2023-12-13 02:05:18 +00:00 · 2023-12-13 02:05:18 +00:00 · b4787f22aa
commit b4787f22aa
parent 182c424b33
3 changed files with 119 additions and 112 deletions
--- a/server/pages/flow-callback.go.html
+++ b/server/pages/flow-callback.go.html
@ -5,11 +5,11 @@
    <script>
        let loginData = {
            target:{{.TargetOrigin}},
-            userinfo:{{.TargetMessage}},
            tokens: {
                access:{{.AccessToken}},
                refresh:{{.RefreshToken}},
            },
+            userinfo:{{.TargetMessage}},
        };
        window.addEventListener("load", function () {
            window.opener.postMessage(loginData, loginData.target);
--- a/server/refresh.go
+++ b/server/refresh.go
@ -18,7 +18,7 @@ import (
 	"time"
 )

-func (h *HttpServer) refreshHandler(rw http.ResponseWriter, req *http.Request, params httprouter.Params) {
+func (h *HttpServer) refreshHandler(rw http.ResponseWriter, req *http.Request, _ httprouter.Params) {
 	ref := strings.TrimSuffix(req.Referer(), "/")
 	allowedClient, ok := (*h.services.Load())[ref]
 	if !ok {
--- a/test-client/index.html
+++ b/test-client/index.html
@ -7,18 +7,20 @@
      let currentTokens = null;
      const ssoService = "http://localhost:9090";

-        window.addEventListener("message", function (event) {
-            if (event.origin !== ssoService) return;
-            if (isObject(event.data)) {
-                document.getElementById("someTextArea").textContent = JSON.stringify(event.data, null, 2);
+      function updateTokenInfo(data) {
+          currentTokens = data.tokens;
+          data.tokens = {
+              access: "*****",
+              refresh: "*****",
+          }
+          document.getElementById("someTextArea").textContent = JSON.stringify(data, null, 2);
          let perms = document.getElementById("somePerms");
          while (perms.childNodes.length > 0) {
              perms.childNodes.item(0).remove();
          }
-                currentTokens = event.data.tokens;
          document.getElementById("tokenValues").textContent = JSON.stringify(currentTokens, null, 2);

-                let jwt = parseJwt(event.data.tokens.access);
+          let jwt = parseJwt(currentTokens.access);
          if (jwt.per != null) {
              jwt.per.forEach(function (x) {
                  let a = document.createElement("li");
@ -26,6 +28,12 @@
                  perms.appendChild(a);
              });
          }
+      }
+
+      window.addEventListener("message", function (event) {
+          if (event.origin !== ssoService) return;
+          if (isObject(event.data)) {
+              updateTokenInfo(event.data);

              if (currentLoginPopup) currentLoginPopup.close();
              return;
@ -91,8 +99,7 @@
              body: JSON.stringify({"token": currentTokens.refresh}),
          });
          let reqJson = await req.json();
-            currentTokens = reqJson;
-            document.getElementById("tokenValues").textContent = JSON.stringify(currentTokens, null, 2);
+          updateTokenInfo(reqJson);
      }
  </script>
  <style>