| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| http://www.apache.org/licenses/LICENSE-2.0 |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <!doctype html> |
| <html lang="en-US"> |
| <head> |
| <title>Swagger UI: OAuth2 Redirect</title> |
| </head> |
| <body> |
| </body> |
| </html> |
| <script> |
| 'use strict'; |
| function run () { |
| var oauth2 = window.opener.swaggerUIRedirectOauth2; |
| var sentState = oauth2.state; |
| var redirectUrl = oauth2.redirectUrl; |
| var isValid, qp, arr; |
| |
| if (/code|token|error/.test(window.location.hash)) { |
| qp = window.location.hash.substring(1); |
| } else { |
| qp = location.search.substring(1); |
| } |
| |
| arr = qp.split("&") |
| arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';}) |
| qp = qp ? JSON.parse('{' + arr.join() + '}', |
| function (key, value) { |
| return key === "" ? value : decodeURIComponent(value) |
| } |
| ) : {} |
| |
| isValid = qp.state === sentState |
| |
| if (( |
| oauth2.auth.schema.get("flow") === "accessCode"|| |
| oauth2.auth.schema.get("flow") === "authorizationCode" |
| ) && !oauth2.auth.code) { |
| if (!isValid) { |
| oauth2.errCb({ |
| authId: oauth2.auth.name, |
| source: "auth", |
| level: "warning", |
| message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server" |
| }); |
| } |
| |
| if (qp.code) { |
| delete oauth2.state; |
| oauth2.auth.code = qp.code; |
| oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl}); |
| } else { |
| let oauthErrorMsg |
| if (qp.error) { |
| oauthErrorMsg = "["+qp.error+"]: " + |
| (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") + |
| (qp.error_uri ? "More info: "+qp.error_uri : ""); |
| } |
| |
| oauth2.errCb({ |
| authId: oauth2.auth.name, |
| source: "auth", |
| level: "error", |
| message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server" |
| }); |
| } |
| } else { |
| oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl}); |
| } |
| window.close(); |
| } |
| |
| window.addEventListener('DOMContentLoaded', function () { |
| run(); |
| }); |
| </script> |