btwedutech/hoppscotch
5
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 6 Wiki Activity

Merge pull request #486 from liyasthomas/refactor

Browse Source 
chore(oauth): Added method signatures as per JSDoc conventions
This commit is contained in:
James George
2020-01-11 21:27:43 +05:30
committed by GitHub
parent f1b22e7122 5fffc5d29e
commit 119eb321ec
1 changed files with 74 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

95
assets/js/oauth.js
View File

@@ -1,9 +1,15 @@
const redirectUri = `${window.location.origin}/`; const redirectUri = `${window.location.origin}/`;
//////////////////////////////////////////////////////////////////////
// GENERAL HELPER FUNCTIONS // GENERAL HELPER FUNCTIONS
// Make a POST request and parse the response as JSON /**
* Makes a POST request and parse the response as JSON
*
* @param {String} url - The resource
* @param {Object} params - Configuration options
* @returns {Object}
*/
const sendPostRequest = async (url, params) => { const sendPostRequest = async (url, params) => {
const body = Object.keys(params) const body = Object.keys(params)
.map(key => `${key}=${params[key]}`) .map(key => `${key}=${params[key]}`)
@@ -24,17 +30,32 @@ const sendPostRequest = async (url, params) => {
throw err; throw err;
} }
}; };
// Parse a query string into an object
const parseQueryString = string => { /**
if (string === "") { * Parse a query string into an object
*
* @param {String} searchQuery - The search query params
* @returns {Object}
*/
const parseQueryString = searchQuery => {
if (searchQuery === "") {
return {}; return {};
} }
const segments = string.split("&").map(s => s.split("=")); const segments = searchQuery.split("&").map(s => s.split("="));
const queryString = {}; const queryString = segments.reduce(
segments.forEach(s => (queryString[s[0]] = s[1])); (obj, el) => ({ ...obj, [el[0]]: el[1] }),
{}
);
return queryString; return queryString;
}; };
// Get OAuth configuration from OpenID Discovery endpoint
/**
* Get OAuth configuration from OpenID Discovery endpoint
*
* @returns {Object}
*/
const getTokenConfiguration = async endpoint => { const getTokenConfiguration = async endpoint => {
const options = { const options = {
method: "GET", method: "GET",
@@ -52,25 +73,41 @@ const getTokenConfiguration = async endpoint => {
} }
}; };
//////////////////////////////////////////////////////////////////////
// PKCE HELPER FUNCTIONS // PKCE HELPER FUNCTIONS
// Generate a secure random string using the browser crypto functions /**
* Generates a secure random string using the browser crypto functions
*
* @returns {Object}
*/
const generateRandomString = () => { const generateRandomString = () => {
const array = new Uint32Array(28); const array = new Uint32Array(28);
window.crypto.getRandomValues(array); window.crypto.getRandomValues(array);
return Array.from(array, dec => `0${dec.toString(16)}`.substr(-2)).join(""); return Array.from(array, dec => `0${dec.toString(16)}`.substr(-2)).join("");
}; };
// Calculate the SHA256 hash of the input text.
// Returns a promise that resolves to an ArrayBuffer /**
* Calculate the SHA256 hash of the input text
*
* @returns {Promise<ArrayBuffer>}
*/
const sha256 = plain => { const sha256 = plain => {
const encoder = new TextEncoder(); const encoder = new TextEncoder();
const data = encoder.encode(plain); const data = encoder.encode(plain);
return window.crypto.subtle.digest("SHA-256", data); return window.crypto.subtle.digest("SHA-256", data);
}; };
// Base64-urlencodes the input string
/**
* Encodes the input string into Base64 format
*
* @param {String} str - The string to be converted
* @returns {Promise<ArrayBuffer>}
*/
const base64urlencode = ( const base64urlencode = (
str // Convert the ArrayBuffer to string using Uint8 array to convert to what btoa accepts. str // Converts the ArrayBuffer to string using Uint8 array to convert to what btoa accepts.
) => ) =>
// btoa accepts chars only within ascii 0-255 and base64 encodes them. // btoa accepts chars only within ascii 0-255 and base64 encodes them.
// Then convert the base64 encoded to base64url encoded // Then convert the base64 encoded to base64url encoded
@@ -79,16 +116,28 @@ const base64urlencode = (
.replace(/\+/g, "-") .replace(/\+/g, "-")
.replace(/\//g, "_") .replace(/\//g, "_")
.replace(/=+$/, ""); .replace(/=+$/, "");
// Return the base64-urlencoded sha256 hash for the PKCE challenge
/**
* Return the base64-urlencoded sha256 hash for the PKCE challenge
*
* @param {String} v - The randomly generated string
* @returns {String}
*/
const pkceChallengeFromVerifier = async v => { const pkceChallengeFromVerifier = async v => {
const hashed = await sha256(v); const hashed = await sha256(v);
return base64urlencode(hashed); return base64urlencode(hashed);
}; };
//////////////////////////////////////////////////////////////////////
// OAUTH REQUEST // OAUTH REQUEST
// Initiate PKCE Auth Code flow when requested /**
* Initiates PKCE Auth Code flow when requested
*
* @param {Object} - The necessary params
* @returns {Void}
*/
const tokenRequest = async ({ const tokenRequest = async ({
oidcDiscoveryUrl, oidcDiscoveryUrl,
grantType, grantType,
@@ -138,11 +187,15 @@ const tokenRequest = async ({
window.location = buildUrl(); window.location = buildUrl();
}; };
//////////////////////////////////////////////////////////////////////
// OAUTH REDIRECT HANDLING // OAUTH REDIRECT HANDLING
// Handle the redirect back from the authorization server and /**
// get an access token from the token endpoint * Handle the redirect back from the authorization server and
* get an access token from the token endpoint
*
* @returns {Object}
*/
const oauthRedirect = async () => { const oauthRedirect = async () => {
let tokenResponse = ""; let tokenResponse = "";
let q = parseQueryString(window.location.search.substring(1)); let q = parseQueryString(window.location.search.substring(1));