opendev/storyboard-webclient
Code Issues Proposed changes
storyboard-webclient/src/app/auth/service/open_id.js
Nikita Konovalov 9e9ee48918 Auth support 
- Created StringUtil class with some useful random string methods.
- Create UrlUtil class with useful URL manipulation and builder methods.
- Cleaned up some unused libraries (cookies, mocks) from index.html
- Added LocalStorage dependency.
- Added advanced routing to auth module for OAuth response routing.
- Added state resolver methods so we can enforce UI states that require
certain session states.
- Removed AuthProvider resolver and resource, as they're no longer necessary.
- Updated header to point to correct routes.
- Updated header to correctly represent state.
- Added busy template for "pending" activity. This shouldn't actually show up
because the javascript will resolve the view logic too quickly, but it's
included for the sake of completion.
- Added error state in case we get an error response from the server. It's
very basic.
- Added request interceptor that attaches an access token to every request
if a valid access token exists.
- Added OpenId service to handle our redirection and token resolution.
- Added Deauthorization (logout) controller.
- Added session management controller.
- Added search param provider to inject non-hashbang query parameters.

Change-Id: Id9b1e7fe9ed98ad4be0a80f1acd4a9e125ec57c9
2014-03-03 13:56:11 -08:00

106 lines
4.0 KiB
JavaScript
Raw Blame History

/*
* Copyright (c) 2014 Hewlett-Packard Development Company, L.P.
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License. You may obtain
* a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations
* under the License.
*/
/**
* Our OpenID token resource, which adheres to the OpenID connect specification
* found here; http://openid.net/specs/openid-connect-basic-1_0.html
*/
angular.module('sb.auth').factory('OpenId',
function ($location, $window, $log, $http, $q, StringUtil, UrlUtil,
storyboardApiBase, localStorageService) {
'use strict';
var storageKey = 'openid_authorize_state';
var authorizeUrl = storyboardApiBase + '/openid/authorize';
var tokenUrl = storyboardApiBase + '/openid/token';
var redirectUri = UrlUtil.buildApplicationUrl('/auth/token');
var clientId = $location.host();
return {
/**
* Asks the OAuth endpoint for an authorization token given
* the passed parameters.
*/
authorize: function () {
// Create and store a random state parameter.
var state = StringUtil.randomAlphaNumeric(20);
localStorageService.set(storageKey, state);
var openIdParams = {
response_type: 'code',
client_id: clientId,
redirect_uri: redirectUri,
scope: 'user',
state: state
};
$window.location.href = authorizeUrl + '?' +
UrlUtil.serializeParameters(openIdParams);
},
/**
* Asks our OpenID endpoint to convert an authorization token to
* an access token.
*/
token: function (params) {
var deferred = $q.defer();
var authorizationCode = params.code;
var tokenParams = {
grant_type: 'authorization_code',
code: authorizationCode
};
var url = tokenUrl + '?' +
UrlUtil.serializeParameters(tokenParams);
$http({method: 'POST', url: url})
.then(function (response) {
$log.debug('Token creation succeeded.');
// Extract the data
var data = response.data;
// Derive an issue date, from the Date header if
// possible.
var dateHeader = response.headers('Date');
if (!dateHeader) {
data.issue_date = Math.floor(Date.now() / 1000);
} else {
data.issue_date = Math.floor(
new Date(dateHeader) / 1000
);
}
deferred.resolve(data);
},
function (response) {
$log.debug('Token creation failed.');
// Construct a conformant error response.
var error = response.data;
if (!error.hasOwnProperty('error')) {
error = {
error: response.status,
error_description: response.data
};
}
deferred.reject(error);
});
return deferred.promise;
}
};
});
View Git Blame Copy Permalink