Login: fix consent screen, add redirect, remove useless requests

Timofey Boyko 2023-11-09 14:31:37 +03:00
parent 8c8df8af5a
commit e691e88771
5 changed files with 39 additions and 20 deletions


@ -157,5 +157,6 @@ export const onOAuthSubmit = (
method: "post",
url: `/oauth2/authorize`,
data: formData,
withRedirect: true,
});
};


@ -121,8 +121,13 @@ class AxiosClient {
request = (options) => {
const onSuccess = (response) => {
const error = this.getResponseError(response);
if (error) throw new Error(error);
if (response.headers["x-redirect-uri"] && options.withRedirect) {
return window.location.replace(response.headers["x-redirect-uri"]);
}
if (!response || !response.data || response.isAxiosError) return null;
if (response.data.hasOwnProperty("total"))
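Review bot: The `x-redirect-uri` header value goes straight into `window.location.replace` with no check on its scheme or host, so whatever the authorize response carries becomes the navigation target, including a non-http(s) URL. Parse it first and navigate only for expected schemes, e.g. `const target = new URL(response.headers["x-redirect-uri"], window.location.origin);` followed by `if (["http:", "https:"].includes(target.protocol)) return window.location.replace(target.href);`. The new branch also reads `response.headers` before the existing `!response` guard on the following line, so if `getResponseError` lets a falsy response through, this line throws instead of returning null; starting the condition with `response && response.headers &&` keeps the old behaviour. The body of `onSuccess` continues outside the hunk.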


@ -79,24 +79,30 @@ const Consent = ({ oauth, theme, setIsConsentScreen }: IConsentProps) => {
const { t } = useTranslation(["Consent", "Common"]);
const onAllowClick = () => {
const onAllowClick = async () => {
const clientId = oauth.clientId;
let clientState = oauth.state;
const scope = oauth.client.scopes;
if (!clientState) {
const getCookie = () => {
const cookie = document.cookie.split(";");
if (!clientState) {
console.log(document.cookie);
cookie.forEach((c) => {
if (c.includes("client_state")) clientState = c.split("=")[1];
if (c.includes("client_state"))
clientState = c.replace("client_state=", "").trim();
});
};
getCookie();
if (!clientState) await api.oauth.onOAuthLogin();
getCookie();
}
console.log(clientState);
// api.oauth.onOAuthSubmit(clientId, clientState, scope);
await api.oauth.onOAuthSubmit(clientId, clientState, scope);
};
const onDenyClick = () => {
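Review bot: The cookie lookup in `getCookie` matches with `c.includes("client_state")`, which accepts any cookie whose name or value merely contains that substring (for example a cookie named `x_client_state`), and `replace("client_state=", "")` then leaves the rest of that string as the state sent to `onOAuthSubmit`. Because `forEach` keeps assigning, the last loose match wins. Compare the cookie name exactly instead: `const [name, ...rest] = c.trim().split("=");` and `if (name === "client_state") clientState = rest.join("=");`. The same pattern appears in the server-side `cookieState` lookup in the `app.get("*")` handler. This page does not show which side the `console.log(document.cookie)` and `console.log(clientState)` lines are on; if either remains in the new code it should be removed, since it writes session cookies and the OAuth state to the browser console.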


@ -59,13 +59,12 @@ app.get("*", async (req: ILoginRequest, res: Response, next) => {
initSSR(headers);
try {
const isAuth = await checkIsAuthenticated();
const oauthClientId = (query.client_id as string) || "";
const oauthClientState = (query.state as string) || "";
let oauthClientState = (query.state as string) || "";
const isOAuth = query.type === "oauth2" && !!oauthClientId;
const isConsent = isAuth && isOAuth && oauthClientState;
const isAuth = await checkIsAuthenticated();
if (isAuth && !isOAuth && url !== "/login/error") {
res.redirect("/");
@ -89,7 +88,19 @@ app.get("*", async (req: ILoginRequest, res: Response, next) => {
isAuth
);
oauthState.state = oauthClientState;
if (isAuth && !oauthClientState) {
const cookieState = headers.cookie
?.split(";")
.find((c) => c.includes("client_state"))
?.replace("client_state=", "")
.trim();
if (cookieState) oauthClientState = cookieState;
}
const isConsent = isAuth && isOAuth;
oauthState.state = oauthClientState || "";
oauthState.isConsent = !!isConsent;
isCorrectOAuth = !!oauthState?.client.name;
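Review bot: `isConsent` no longer depends on a state being present, and the state may now come from the `client_state` cookie rather than from the request, yet nothing visible here ties that cookie value to `oauthClientId`. A cookie left over from an earlier authorization flow would be attached to the consent for the current client unless the backend rejects the mismatch, which cannot be confirmed from this hunk. A comment above the fallback such as `// client_state cookie is only a fallback for a missing ?state=; /oauth2/authorize must still validate it against client_id` would record that expectation. The handler starts and ends outside the hunk.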


@ -14,11 +14,7 @@ import { getUser } from "@docspace/common/api/people";
import { checkIsAuthenticated } from "@docspace/common/api/user";
import { getClient, getScopeList } from "@docspace/common/api/oauth";
import { TenantStatus } from "@docspace/common/constants";
import {
IClientProps,
INoAuthClientProps,
IScope,
} from "@docspace/common/utils/oauth/interfaces";
import { IScope } from "@docspace/common/utils/oauth/interfaces";
export const getAssets = (): assetsType => {
const manifest = fs.readFileSync(