1package middleware
2
3import (
4"bytes"
5"fmt"
6"net/http"
7"path"
8"text/template"
9)
10
// SwaggerUIOAuth2Callback returns a handler that serves the Swagger UI OAuth2
// redirect page at opts.OAuthCallbackURL and hands every other request to next.
//
// The page is rendered once, when the middleware is built, and the same bytes
// are written for each matching request. A request matches when its cleaned
// URL path (path.Join) equals the configured callback path; the HTTP method is
// not inspected. When next is nil, non-matching requests get a plain-text 404
// that quotes the configured callback path rather than the requested one, so
// no request data is echoed back.
//
// Security notes:
//   - The page is rendered with text/template, which does no contextual HTML
//     escaping. Whatever {{ .Title }} resolves to on opts is written into the
//     <title> element verbatim, so it must not carry untrusted input.
//   - A malformed template panics here via template.Must, but an error from
//     Execute is discarded and whatever was rendered so far is still served
//     with 200 OK.
func SwaggerUIOAuth2Callback(opts SwaggerUIOpts, next http.Handler) http.Handler {
	// EnsureDefaults is defined elsewhere; presumably it fills unset options,
	// including the callback path read below.
	opts.EnsureDefaults()

	callbackPath := opts.OAuthCallbackURL

	var rendered bytes.Buffer
	page := template.Must(template.New("swaggeroauth").Parse(swaggerOAuthTemplate))
	// Execution error intentionally ignored, as in the original.
	_ = page.Execute(&rendered, &opts)
	body := rendered.Bytes()

	return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
		switch {
		case path.Join(r.URL.Path) == callbackPath:
			// Exact match on the cleaned path: serve the pre-rendered page.
			rw.Header().Set("Content-Type", "text/html; charset=utf-8")
			rw.WriteHeader(http.StatusOK)
			_, _ = rw.Write(body)

		case next == nil:
			// End of the chain: report the configured path, not r.URL.Path.
			rw.Header().Set("Content-Type", "text/plain")
			rw.WriteHeader(http.StatusNotFound)
			_, _ = fmt.Fprintf(rw, "%q not found", callbackPath)

		default:
			next.ServeHTTP(rw, r)
		}
	})
}
39
// swaggerOAuthTemplate is the HTML page served on the OAuth2 callback path.
//
// Its script reads the pending authorization from
// window.opener.swaggerUIRedirectOauth2, parses the parameters returned in the
// URL fragment or query string, hands the code or token back to the opener
// through oauth2.callback, and closes the window.
//
// Points a reviewer should keep in mind:
//   - The only template action is {{ .Title }}. Whether that value is
//     HTML-escaped depends on the template package that executes this text.
//   - The returned state is compared with the one that was sent, but a mismatch
//     in the code flows only raises a "warning" through oauth2.errCb; the code
//     is still passed to oauth2.callback. In the other branch isValid is passed
//     along and enforcement is left to the opener.
//   - Parameters are spliced into a JSON string before JSON.parse, so a value
//     containing a double quote or backslash makes the parse throw.
const swaggerOAuthTemplate = `
<!DOCTYPE html>
<html lang="en">
<head>
<title>{{ .Title }}</title>
</head>
<body>
<script>
'use strict';
function run () {
var oauth2 = window.opener.swaggerUIRedirectOauth2;
var sentState = oauth2.state;
var redirectUrl = oauth2.redirectUrl;
var isValid, qp, arr;

if (/code|token|error/.test(window.location.hash)) {
qp = window.location.hash.substring(1).replace('?', '&');
} else {
qp = location.search.substring(1);
}

arr = qp.split("&");
arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';});
qp = qp ? JSON.parse('{' + arr.join() + '}',
function (key, value) {
return key === "" ? value : decodeURIComponent(value);
}
) : {};

isValid = qp.state === sentState;

if ((
oauth2.auth.schema.get("flow") === "accessCode" ||
oauth2.auth.schema.get("flow") === "authorizationCode" ||
oauth2.auth.schema.get("flow") === "authorization_code"
) && !oauth2.auth.code) {
if (!isValid) {
oauth2.errCb({
authId: oauth2.auth.name,
source: "auth",
level: "warning",
message: "Authorization may be unsafe, passed state was changed in server. The passed state wasn't returned from auth server."
});
}

if (qp.code) {
delete oauth2.state;
oauth2.auth.code = qp.code;
oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
} else {
let oauthErrorMsg;
if (qp.error) {
oauthErrorMsg = "["+qp.error+"]: " +
(qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
(qp.error_uri ? "More info: "+qp.error_uri : "");
}

oauth2.errCb({
authId: oauth2.auth.name,
source: "auth",
level: "error",
message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server."
});
}
} else {
oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
}
window.close();
}

if (document.readyState !== 'loading') {
run();
} else {
document.addEventListener('DOMContentLoaded', function () {
run();
});
}
</script>
</body>
</html>
`