is a light-weight, web based API development suite.
| oauth.js (hoppscotch-2.2.1) | : | oauth.js (hoppscotch-3.0.0) |
|---|
| | |
| skipping to change at line 24 | | skipping to change at line 24 |
|---|
| * @param {String} url - The resource | | * @param {String} url - The resource |
| * @param {Object} params - Configuration options | | * @param {Object} params - Configuration options |
| * @returns {Object} | | * @returns {Object} |
| */ | | */ |
| | |
| const sendPostRequest = async (url, params) => { | | const sendPostRequest = async (url, params) => { |
| const body = Object.keys(params) | | const body = Object.keys(params) |
| .map((key) => `${key}=${params[key]}`) | | .map((key) => `${key}=${params[key]}`) |
| .join("&") | | .join("&") |
| const options = { | | const options = { |
|
| method: "post", | | method: "POST", |
| headers: { | | headers: { |
| "Content-type": "application/x-www-form-urlencoded; charset=UTF-8", | | "Content-type": "application/x-www-form-urlencoded; charset=UTF-8", |
| }, | | }, |
| body, | | body, |
| } | | } |
| try { | | try { |
| const response = await fetch(url, options) | | const response = await fetch(url, options) |
| const data = await response.json() | | const data = await response.json() |
| return data | | return data |
| } catch (e) { | | } catch (e) { |
| | |
| skipping to change at line 91 | | skipping to change at line 91 |
|---|
| | |
| /** | | /** |
| * Generates a secure random string using the browser crypto functions | | * Generates a secure random string using the browser crypto functions |
| * | | * |
| * @returns {Object} | | * @returns {Object} |
| */ | | */ |
| | |
| const generateRandomString = () => { | | const generateRandomString = () => { |
| const array = new Uint32Array(28) | | const array = new Uint32Array(28) |
| window.crypto.getRandomValues(array) | | window.crypto.getRandomValues(array) |
|
| return Array.from(array, (dec) => `0${dec.toString(16)}`.substr(-2)).join("") | | return Array.from(array, (dec) => `0${dec.toString(16)}`.slice(-2)).join("") |
| } | | } |
| | |
| /** | | /** |
| * Calculate the SHA256 hash of the input text | | * Calculate the SHA256 hash of the input text |
| * | | * |
| * @returns {Promise<ArrayBuffer>} | | * @returns {Promise<ArrayBuffer>} |
| */ | | */ |
| | |
| const sha256 = (plain) => { | | const sha256 = (plain) => { |
| const encoder = new TextEncoder() | | const encoder = new TextEncoder() |
| | |
| skipping to change at line 151 | | skipping to change at line 151 |
|---|
| * @param {Object} - The necessary params | | * @param {Object} - The necessary params |
| * @returns {Void} | | * @returns {Void} |
| */ | | */ |
| | |
| const tokenRequest = async ({ | | const tokenRequest = async ({ |
| oidcDiscoveryUrl, | | oidcDiscoveryUrl, |
| grantType, | | grantType, |
| authUrl, | | authUrl, |
| accessTokenUrl, | | accessTokenUrl, |
| clientId, | | clientId, |
|
| | clientSecret, |
| scope, | | scope, |
| }) => { | | }) => { |
| // Check oauth configuration | | // Check oauth configuration |
| if (oidcDiscoveryUrl !== "") { | | if (oidcDiscoveryUrl !== "") { |
| // eslint-disable-next-line camelcase | | // eslint-disable-next-line camelcase |
| const { authorization_endpoint, token_endpoint } = | | const { authorization_endpoint, token_endpoint } = |
| await getTokenConfiguration(oidcDiscoveryUrl) | | await getTokenConfiguration(oidcDiscoveryUrl) |
| // eslint-disable-next-line camelcase | | // eslint-disable-next-line camelcase |
| authUrl = authorization_endpoint | | authUrl = authorization_endpoint |
| // eslint-disable-next-line camelcase | | // eslint-disable-next-line camelcase |
| accessTokenUrl = token_endpoint | | accessTokenUrl = token_endpoint |
| } | | } |
|
| | | |
| // Store oauth information | | // Store oauth information |
| setLocalConfig("tokenEndpoint", accessTokenUrl) | | setLocalConfig("tokenEndpoint", accessTokenUrl) |
| setLocalConfig("client_id", clientId) | | setLocalConfig("client_id", clientId) |
|
| | setLocalConfig("client_secret", clientSecret) |
| | |
| // Create and store a random state value | | // Create and store a random state value |
| const state = generateRandomString() | | const state = generateRandomString() |
| setLocalConfig("pkce_state", state) | | setLocalConfig("pkce_state", state) |
| | |
| // Create and store a new PKCE codeVerifier (the plaintext random secret) | | // Create and store a new PKCE codeVerifier (the plaintext random secret) |
| const codeVerifier = generateRandomString() | | const codeVerifier = generateRandomString() |
| setLocalConfig("pkce_codeVerifier", codeVerifier) | | setLocalConfig("pkce_codeVerifier", codeVerifier) |
| | |
| // Hash and base64-urlencode the secret to use as the challenge | | // Hash and base64-urlencode the secret to use as the challenge |
| | |
| skipping to change at line 224 | | skipping to change at line 225 |
|---|
| if (getLocalConfig("pkce_state") !== q.state) { | | if (getLocalConfig("pkce_state") !== q.state) { |
| alert("Invalid state") | | alert("Invalid state") |
| Promise.reject(tokenResponse) | | Promise.reject(tokenResponse) |
| } else { | | } else { |
| try { | | try { |
| // Exchange the authorization code for an access token | | // Exchange the authorization code for an access token |
| tokenResponse = sendPostRequest(getLocalConfig("tokenEndpoint"), { | | tokenResponse = sendPostRequest(getLocalConfig("tokenEndpoint"), { |
| grant_type: "authorization_code", | | grant_type: "authorization_code", |
| code: q.code, | | code: q.code, |
| client_id: getLocalConfig("client_id"), | | client_id: getLocalConfig("client_id"), |
|
| | client_secret: getLocalConfig("client_secret"), |
| redirect_uri: redirectUri, | | redirect_uri: redirectUri, |
| code_verifier: getLocalConfig("pkce_codeVerifier"), | | code_verifier: getLocalConfig("pkce_codeVerifier"), |
| }) | | }) |
| } catch (e) { | | } catch (e) { |
| console.error(e) | | console.error(e) |
| return Promise.reject(tokenResponse) | | return Promise.reject(tokenResponse) |
| } | | } |
| } | | } |
| // Clean these up since we don't need them anymore | | // Clean these up since we don't need them anymore |
| removeLocalConfig("pkce_state") | | removeLocalConfig("pkce_state") |
| removeLocalConfig("pkce_codeVerifier") | | removeLocalConfig("pkce_codeVerifier") |
| removeLocalConfig("tokenEndpoint") | | removeLocalConfig("tokenEndpoint") |
| removeLocalConfig("client_id") | | removeLocalConfig("client_id") |
|
| | removeLocalConfig("client_secret") |
| return tokenResponse | | return tokenResponse |
| } | | } |
| return Promise.reject(tokenResponse) | | return Promise.reject(tokenResponse) |
| } | | } |
| | |
| export { tokenRequest, oauthRedirect } | | export { tokenRequest, oauthRedirect } |
| | | |
| End of changes. 7 change blocks. |
|---|
| 3 lines changed or deleted | | 6 lines changed or added |
|---|
"Fossies" - the Fresh Open Source Software Archive 