insomnia/packages/insomnia-app/app/network/o-auth-2/grant-implicit.js

// @flow
import * as c from './constants';
import { buildQueryStringFromParams, joinUrlAndQueryString } from 'insomnia-url';
import { responseToObject, authorizeUserInWindow } from './misc';

export default async function(
  requestId: string,
  authorizationUrl: string,
  clientId: string,
  responseType: string = c.RESPONSE_TYPE_TOKEN,
  redirectUri: string = '',
  scope: string = '',
  state: string = '',
  audience: string = ''
): Promise<Object> {
  const params = [
    { name: c.P_RESPONSE_TYPE, value: responseType },
    { name: c.P_CLIENT_ID, value: clientId }
  ];

  // Add optional params
  if (
    responseType === c.RESPONSE_TYPE_ID_TOKEN_TOKEN ||
    responseType === c.RESPONSE_TYPE_ID_TOKEN
  ) {
    const nonce = Math.floor(Math.random() * 9999999999999) + 1;
    params.push({ name: c.P_NONCE, value: nonce });
  }

  redirectUri && params.push({ name: c.P_REDIRECT_URI, value: redirectUri });
  scope && params.push({ name: c.P_SCOPE, value: scope });
  state && params.push({ name: c.P_STATE, value: state });
  audience && params.push({ name: c.P_AUDIENCE, value: audience });

  // Add query params to URL
  const qs = buildQueryStringFromParams(params);
  const finalUrl = joinUrlAndQueryString(authorizationUrl, qs);

  const redirectedTo = await authorizeUserInWindow(finalUrl, /(access_token=)/, /(error=)/);
  const fragment = redirectedTo.split('#')[1];

  if (fragment) {
    return responseToObject(fragment, [
      c.P_ACCESS_TOKEN,
      c.P_TOKEN_TYPE,
      c.P_EXPIRES_IN,
      c.P_SCOPE,
      c.P_STATE,
      c.P_ERROR,
      c.P_ERROR_DESCRIPTION,
      c.P_ERROR_URI
    ]);
  } else {
    // Bad redirect
    return {};
  }
}
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`// @flow`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`import * as c from './constants';`
prettier entire project 2018-10-17 16:42:33 +00:00			`import { buildQueryStringFromParams, joinUrlAndQueryString } from 'insomnia-url';`
Add Prettier 2018-06-25 17:42:50 +00:00			`import { responseToObject, authorizeUserInWindow } from './misc';`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00
Add Prettier 2018-06-25 17:42:50 +00:00			`export default async function(`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`requestId: string,`
			`authorizationUrl: string,`
			`clientId: string,`
Fix for swagger2 importer 2018-01-17 05:18:10 +00:00			`responseType: string = c.RESPONSE_TYPE_TOKEN,`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`redirectUri: string = '',`
			`scope: string = '',`
add audience param to implicit oauth grant closes #1008 (#1009) 2018-06-26 15:31:37 +00:00			`state: string = '',`
			`audience: string = ''`
Use Insomnia network stack for OAuth 2.0 requests (#582) * Use Insomnia network stack for OAuth 2.0 requests * Fix zombie docs 2017-11-10 10:50:39 +00:00			`): Promise<Object> {`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`const params = [`
Add Prettier 2018-06-25 17:42:50 +00:00			`{ name: c.P_RESPONSE_TYPE, value: responseType },`
			`{ name: c.P_CLIENT_ID, value: clientId }`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`];`

			`// Add optional params`
Add Prettier 2018-06-25 17:42:50 +00:00			`if (`
			`responseType === c.RESPONSE_TYPE_ID_TOKEN_TOKEN \|\|`
			`responseType === c.RESPONSE_TYPE_ID_TOKEN`
			`) {`
Fix for swagger2 importer 2018-01-17 05:18:10 +00:00			`const nonce = Math.floor(Math.random() * 9999999999999) + 1;`
Add Prettier 2018-06-25 17:42:50 +00:00			`params.push({ name: c.P_NONCE, value: nonce });`
[Feature] Enable response type selection for oauth2 implicit mode (#681) * Enable response type selection for oauth2 implicit * Parse token even if callback server is unreachable * Fix style: add _ prefix to private method * Fix style: reorder private method declaration * Set OAuth 2.0 default responseType value to token * Add responseType to params * Fix response type constant value * Code styling * Fix authorization request parameters * Don't open dev tools 2018-01-16 06:08:46 +00:00			`}`
Fix for swagger2 importer 2018-01-17 05:18:10 +00:00
Add Prettier 2018-06-25 17:42:50 +00:00			`redirectUri && params.push({ name: c.P_REDIRECT_URI, value: redirectUri });`
			`scope && params.push({ name: c.P_SCOPE, value: scope });`
			`state && params.push({ name: c.P_STATE, value: state });`
add audience param to implicit oauth grant closes #1008 (#1009) 2018-06-26 15:31:37 +00:00			`audience && params.push({ name: c.P_AUDIENCE, value: audience });`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00
			`// Add query params to URL`
Merge All Repositories into Monorepo for easier maintenance (#629) * All projects into monorepo * Update CI * More CI updates * Extracted a bunch of things into packages * Publish - insomnia-plugin-base64@1.0.1 - insomnia-plugin-default-headers@1.0.2 - insomnia-plugin-file@1.0.1 - insomnia-plugin-hash@1.0.1 - insomnia-plugin-now@1.0.1 - insomnia-plugin-request@1.0.1 - insomnia-plugin-response@1.0.1 - insomnia-plugin-uuid@1.0.1 - insomnia-cookies@0.0.2 - insomnia-importers@1.5.2 - insomnia-prettify@0.0.3 - insomnia-url@0.0.2 - insomnia-xpath@0.0.2 * A bunch of small fixes * Improved build script * Fixed * Merge dangling files * Usability refactor * Handle duplicate plugin names 2017-11-26 20:45:40 +00:00			`const qs = buildQueryStringFromParams(params);`
			`const finalUrl = joinUrlAndQueryString(authorizationUrl, qs);`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00
prettier entire project 2018-10-17 16:42:33 +00:00			`const redirectedTo = await authorizeUserInWindow(finalUrl, /(access_token=)/, /(error=)/);`
First-Party OAuth 2.0 Support (#120) * Proof of concept authorize call * Authorize and Refresh endpoints done * OAuth2 editor started * Some small fixes * Set OAuth headers on request * Started on some OAuth tests * Updated network logic with new OAuth API * OAuth forms and refactor flows * Fix grant type handling * Moved auth handling out of render pipeline * Fixed legacy auth header * Fix vertical center * Prompt user on auth type change * Refresh tokens working (I think) and better UI * Catch same type auth change * POC refresh token and small refactor * Better token handling * LOading state to token refresh * Show o-auth-2 errors * Some minor updates 2017-03-23 22:10:42 +00:00			`const fragment = redirectedTo.split('#')[1];`

			`if (fragment) {`
			`return responseToObject(fragment, [`
			`c.P_ACCESS_TOKEN,`
			`c.P_TOKEN_TYPE,`
			`c.P_EXPIRES_IN,`
			`c.P_SCOPE,`
			`c.P_STATE,`
			`c.P_ERROR,`
			`c.P_ERROR_DESCRIPTION,`
			`c.P_ERROR_URI`
			`]);`
			`} else {`
			`// Bad redirect`
			`return {};`
			`}`
			`}`