simplify oauth obtaining process
takeit committed Apr 23, 2015
1 parent c15cdd6 commit b93420f
Showing 5 changed files with 24 additions and 183 deletions.
Expand Up @@ -9,16 +9,9 @@ angular.module('playlistsApp').directive('sfIframeLogin', [
template: '<iframe></iframe>',
replace: true,
restrict: 'E',
scope: {
onLoadHandler: '&onLoad'
},
link: function(scope, $element, attrs) {
var url;

if (!attrs.onLoad) {
throw 'sfIframeLogin: missing onLoad handler';
}

url = [
Routing.generate('fos_oauth_server_authorize'),
'?client_id=', clientId,
Expand All @@ -27,23 +20,6 @@ angular.module('playlistsApp').directive('sfIframeLogin', [
].join('');

$element.attr('src', url);
$element.attr('width', attrs.width || 535);
$element.attr('height', attrs.height || 510);

$element.on('load', function () {
try {
scope.onLoadHandler({
location: $element[0].contentWindow.location
});
} catch (e) {
// A security exception occurs when trying to access
// iframe's contents when login comes from a different
// origin. We simply silence such exceptions, because
// the only load event we are interested in is when
// the login form redirects us back to our own
// domain - that redirection URL contains auth. token.
}
});
}
};
}
Expand Up @@ -6,42 +6,20 @@
*
* @class ModalLoginCtrl
*/
function ModalLoginCtrl($modalInstance) {
var self = this,
tokenRegex = new RegExp('access_token=(\\w+)');

function ModalLoginCtrl($modalInstance, $window) {
// On successful login, Newscoop login form redirects user to some
// redirect URL and that URL contains the new authentication token.
// Upon redirect, the iframe in modal body is reloaded and we catch
// its onLoad event, giving us a chance to extract new token from URL.

/**
* Updates workflow status on the server.
*
* @method iframeLoadedHandler
* @param location {Object} window.location object of the page
* loaded in the modal's iframe
*/
self.iframeLoadedHandler = function (location) {
var matches,
token;

if (typeof location.hash !== 'string') {
return;
}

matches = tokenRegex.exec(location.hash);

if (matches !== null) {
token = matches[1];
$modalInstance.close(token);
// Upon redirect, the iframe in modal body is reloaded and its
// Javascript code extracts the token from the URL. On session
// storage change login modal will be closed.
angular.element($window).on('storage', function() {
if ($window.sessionStorage.getItem('newscoop.token')) {
$modalInstance.close();
}
// if token is not found (perhaps due to the failed login),
// nothing happens and the modal stays open
};
});
}

ModalLoginCtrl.$inject = ['$modalInstance'];
ModalLoginCtrl.$inject = ['$modalInstance', '$window'];

/**
* A service for managing user authentication.
Expand All @@ -63,7 +41,7 @@
* @return {String} the token itself or null if does not exist
*/
self.token = function () {
return $window.sessionStorage.getItem('token');
return $window.sessionStorage.getItem('newscoop.token');
};

/**
Expand All @@ -74,7 +52,7 @@
* @return {Boolean}
*/
self.isAuthenticated = function () {
return !!$window.sessionStorage.getItem('token');
return !!$window.sessionStorage.getItem('newscoop.token');
};

/**
Expand All @@ -97,10 +75,9 @@
backdrop: 'static'
});

dialog.result.then(function (token) {
$window.sessionStorage.setItem('token', token);
dialog.result.then(function () {
flashMessage(Translator.trans('Successfully refreshed authentication token.', {}, 'messages'));
deferred.resolve(token);
deferred.resolve();
})
.catch(function (reason) {
flashMessage(Translator.trans('Failed to refresh authentication token.', {}, 'messages'), 'error');
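Review bot: The new `storage` listener in `ModalLoginCtrl` closes the modal on any storage event as long as some `newscoop.token` value is present, and it is never unregistered. Since this modal exists to refresh a token, a stale value may still be in sessionStorage (nothing visible here clears it), so the dialog could close and flash "Successfully refreshed authentication token." without a new token having arrived; each reopening also stacks another listener on `$window`. The handler should react only to a change of the `newscoop.token` key with a non-empty new value, and be removed once the modal result settles, as sketched below. Separately, `deferred.resolve()` no longer passes the token to callers, which should be confirmed against consumers outside this hunk.

```javascript
function ModalLoginCtrl($modalInstance, $window) {
    // … unchanged: comment describing the redirect flow …
    var win = angular.element($window);

    function onStorage(event) {
        // jQuery wraps the native StorageEvent; jqLite passes it through
        var e = event.originalEvent || event;
        if (e.key === 'newscoop.token' && e.newValue) {
            $modalInstance.close();
        }
    }

    win.on('storage', onStorage);
    // drop the listener whether the modal was closed or dismissed
    $modalInstance.result.finally(function () {
        win.off('storage', onStorage);
    });
}
```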
@@ -1,8 +1,5 @@
<div class="modal-login">
<div class="modal-body">
<sf-iframe-login
width="535" height="510"
on-load="ctrl.iframeLoadedHandler(location)"
></sf-iframe-login>
<sf-iframe-login width="100%" height="510"></sf-iframe-login>
</div>
</div>
89 changes: 0 additions & 89 deletions newscoop/themes/system_templates/js/jquery.cookie.js

This file was deleted.

40 changes: 10 additions & 30 deletions newscoop/themes/system_templates/oauth_result.tpl
Expand Up @@ -5,7 +5,7 @@
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Newscoop Oauth Authentication Result</title>
<title>Newscoop OAuth Authentication Result</title>

<!-- Bootstrap core CSS -->
<link href="/themes/system_templates/css/bootstrap.min.css" rel="stylesheet">
Expand All @@ -27,40 +27,20 @@
<body>
<div id="container">
<img src="/themes/system_templates/img/newscoop_logo_big.png" />
<h1 class="form-signin-heading text-muted">Authentication is finished</h1>
<h1 class="form-signin-heading text-muted">Authentication finished.</h1>
<p>Check result in this page url (with javascript) and continue with returned data</p>
</div>

<!-- Placed at the end of the document so the pages load faster -->
<script src="https://code.jquery.com/jquery-1.10.2.min.js"></script>
<script src="/themes/system_templates/js/jquery.cookie.js"></script>
<script src="/themes/system_templates/js/bootstrap.min.js"></script>
<script type="text/javascript">
function getHashParams() {
var hashParams = {};
var e,a = /\+/g,r = /([^&;=]+)=?([^&;]*)/g,d = function (s) { return decodeURIComponent(s.replace(a, " ")); },q = window.location.hash.substring(1);
while (e = r.exec(q))hashParams[d(e[1])] = d(e[2]);
return hashParams;
}
var hashParams = getHashParams();
// check if authentication was succesfull and play with access_token
if (jQuery.inArray("access_token", hashParams)) {
console.log('Your access_token is: ' + hashParams.access_token);
var tokenRegex = new RegExp('access_token=(\\w+)'),
matches = tokenRegex.exec(window.location.hash),
token;
if ($.cookie('newscoop_access_token') == null || $.cookie('newscoop_access_token') != hashParams.access_token) {
// create new cookie with access_token value
console.log('Creating cookie with access_token value');
var date = new Date();
date.setTime(date.getTime() + (hashParams.expires_in * 1000));
$.cookie('newscoop_access_token', hashParams.access_token, { expires: date, path: '/' });
} else {
console.log('You have valid access_token under "newscoop_access_token" cookie');
token = matches[1];
console.log('Your access_token is: ' + token);
if (!sessionStorage.getItem('newscoop.token') && token) {
console.log('Saving access_token in sessionStorage');
sessionStorage.setItem('newscoop.token', token);
}
} else if (jQuery.inArray("error", hashParams)) {
// there was an error on authentication process
console.log('error:' + hashParams.error);
}
</script>
</body>
</html>
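Review bot: `token = matches[1];` dereferences the result of `tokenRegex.exec(window.location.hash)` without a null check, so a redirect whose fragment carries no `access_token` (the case the removed `error` branch used to cover) throws a TypeError instead of reporting the failure. The `!sessionStorage.getItem('newscoop.token')` guard also skips the write whenever an older token is still stored, which looks like it would stop a refreshed token from replacing an expired one unless the old value is cleared elsewhere. I would guard with `if (matches !== null) { sessionStorage.setItem('newscoop.token', matches[1]); }` and drop the `console.log('Your access_token is: ' + token)` line, since it writes a bearer credential to the browser console. If the `https://code.jquery.com/jquery-1.10.2.min.js` include stays on the new side, it runs on the page that holds the token in its URL fragment and should carry an `integrity` attribute or be served locally.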
