Handle server-side OAuth2 redirects to non-existent protocols (#2557)

Co-authored-by: Opender Singh <opender94@gmail.com>
Joe Flint 2020-09-14 22:01:57 -07:00 committed by GitHub
parent 1b416d8027
commit f10b36d335
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -45,25 +45,25 @@ export function authorizeUserInWindow(
return new Promise((resolve, reject) => {
let finalUrl = null;
function _parseUrl(currentUrl) {
function _parseUrl(currentUrl, source) {
if (currentUrl.match(urlSuccessRegex)) {
console.log(
`[oauth2] Matched success redirect to "${currentUrl}" with ${urlSuccessRegex.toString()}`,
`[oauth2] ${source}: Matched success redirect to "${currentUrl}" with ${urlSuccessRegex.toString()}`,
);
finalUrl = currentUrl;
child.close();
} else if (currentUrl.match(urlFailureRegex)) {
console.log(
`[oauth2] Matched error redirect to "${currentUrl}" with ${urlFailureRegex.toString()}`,
`[oauth2] ${source}: Matched error redirect to "${currentUrl}" with ${urlFailureRegex.toString()}`,
);
finalUrl = currentUrl;
child.close();
} else if (currentUrl === url) {
// It's the first one, so it's not a redirect
console.log(`[oauth2] Loaded "${currentUrl}"`);
console.log(`[oauth2] ${source}: Loaded "${currentUrl}"`);
} else {
console.log(
`[oauth2] Ignoring URL "${currentUrl}". Didn't match ${urlSuccessRegex.toString()}`,
`[oauth2] ${source}: Ignoring URL "${currentUrl}". Didn't match ${urlSuccessRegex.toString()}`,
);
}
}
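Review bot: Every branch of `_parseUrl` still writes the full `currentUrl` to the console, and on the success and error branches that URL is the OAuth2 callback, which presumably carries the authorization response (code, token or error detail) in its query string or fragment. Since the commit is already rewriting these log lines, the query and fragment should be stripped before logging, for example `const shownUrl = currentUrl.split(/[?#]/)[0];` and then `${source}: Matched success redirect to "${shownUrl}"`. With `_parseUrl` now fed from three events, the same callback URL may also be logged more than once per flow, which makes the redaction more worthwhile. `_parseUrl` is nested in `authorizeUserInWindow`, whose body starts and ends outside this hunk.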
@ -91,12 +91,19 @@ export function authorizeUserInWindow(
child.webContents.on('did-navigate', () => {
// Be sure to resolve URL so that we can handle redirects with no host like /foo/bar
const currentUrl = child.webContents.getURL();
_parseUrl(currentUrl);
_parseUrl(currentUrl, 'did-navigate');
});
child.webContents.on('will-redirect', (e, url) => {
// Also listen for will-redirect, as some redirections do not trigger 'did-navigate'
// 'will-redirect' does not cover all cases that 'did-navigate' does, so both events are required
// GitHub's flow triggers only 'did-navigate', while Microsoft's only 'will-redirect'
_parseUrl(url, 'will-redirect');
});
child.webContents.on('did-fail-load', (e, errorCode, errorDescription, url) => {
// Listen for did-fail-load to be able to parse the URL even when the callback server is unreachable
_parseUrl(url);
_parseUrl(url, 'did-fail-load');
});
// Show the window to the user after it loads