
Side by Side Diff: remoting/webapp/oauth2.js

Issue 23891005: Fix OAuth "trampoline" content script to send a message with the oauth results rather than using a … (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Refresh window on new refresh token Created 7 years, 3 months ago
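--- a/remoting/webapp/oauth2.js
+++ b/remoting/webapp/oauth2.js
@@ -1,10 +1,10 @@
 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 /**
 * @fileoverview
 * OAuth2 class that handles retrieval/storage of an OAuth2 token.
 *
 * Uses a content script to trampoline the OAuth redirect page back into the
 * extension context. This works around the lack of native support for
@@ -260,33 +260,62 @@
 this.setRefreshToken_(refreshToken);
 onOk();
 };
 
 /**
 * Redirect page to get a new OAuth2 Refresh Token.
 *
 * @return {void} Nothing.
 */
 remoting.OAuth2.prototype.doAuthRedirect = function() {
+/** @type {remoting.OAuth2} */
+var that = this;
 var xsrf_token = remoting.generateXsrfToken();
 window.localStorage.setItem(this.KEY_XSRF_TOKEN_, xsrf_token);
 var GET_CODE_URL = this.getOAuth2AuthEndpoint_() + '?' +
 remoting.xhr.urlencodeParamHash({
 'client_id': this.getClientId_(),
 'redirect_uri': this.getRedirectUri_(),
 'scope': this.SCOPE_,
 'state': xsrf_token,
 'response_type': 'code',
 'access_type': 'offline',
 'approval_prompt': 'force'
 });
-window.location.replace(GET_CODE_URL);
+
+/**
+* Processes the results of the oauth flow.
+*
+* @param {Object.<string, string>} message Dictionary containing the parsed
+* OAuth redirect URL parameters.
+*/
+function oauth2MessageListener(message) {
+if ('code' in message && 'state' in message) {
+var onDone = function() {
+window.location.reload();
+};
+that.exchangeCodeForToken(
+message['code'], message['state'], onDone);
+} else {
+if ('error' in message) {
+console.error(
+'Could not obtain authorization code: ' + message['error']);
+} else {
+// We intentionally don't log the response - since we don't understand
+// it, we can't tell if it has sensitive data.
+console.error('Invalid oauth2 response.');
+}
+}
+chrome.extension.onMessage.removeListener(oauth2MessageListener);
+}
+chrome.extension.onMessage.addListener(oauth2MessageListener);
+window.open(GET_CODE_URL, '_blank', 'location=yes,toolbar=no,menubar=no');
 };
 
 /**
 * Asynchronously exchanges an authorization code for a refresh token.
 *
 * @param {string} code The OAuth2 authorization code.
 * @param {string} state The state parameter received from the OAuth redirect.
 * @param {function():void} onDone Callback to invoke on completion.
 * @return {void} Nothing.
 */
@@ -382,10 +411,10 @@
 * @return {?string} The email address, if it has been cached by a previous call
 * to getEmail, otherwise null.
 */
 remoting.OAuth2.prototype.getCachedEmail = function() {
 var value = window.localStorage.getItem(this.KEY_EMAIL_);
 if (typeof value == 'string') {
 return value;
 }
 return null;
 };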
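Review bot: The new `oauth2MessageListener` in `doAuthRedirect` acts on the first message delivered on `chrome.extension.onMessage`, whatever sent it, and then unregisters itself unconditionally. An unrelated message from elsewhere in the extension therefore consumes the listener so the real OAuth result is dropped, and a non-object message makes `'code' in message` throw before `removeListener` runs. Consider taking the listener's `sender` argument to confirm the message comes from the trampoline content script, and returning early with `if (!message || typeof message != 'object') { return; }` so the listener is removed only once a `code`/`state` or `error` result has been handled. As written, rejecting a forged `code` rests entirely on the `state` comparison inside `exchangeCodeForToken`, whose body is outside the visible hunks, so that check is worth confirming. A listener is also left registered when the user closes the popup without finishing, so repeated calls to `doAuthRedirect` can stack handlers that all fire on the next result.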