This change ensures that we always store and then check the contents of the OAuth `state` argument against a session-stored CSRF token. Fixes https://www.pivotaltracker.com/story/show/135803615
/**
|
|
* An element which displays a button for logging into the application via an external service.
|
|
*/
|
|
angular.module('quay').directive('externalLoginButton', function () {
|
|
var directiveDefinitionObject = {
|
|
priority: 0,
|
|
templateUrl: '/static/directives/external-login-button.html',
|
|
replace: false,
|
|
transclude: true,
|
|
restrict: 'C',
|
|
scope: {
|
|
'signInStarted': '&signInStarted',
|
|
'redirectUrl': '=redirectUrl',
|
|
'isLink': '=isLink',
|
|
'provider': '@provider',
|
|
'action': '@action'
|
|
},
|
|
controller: function($scope, $timeout, $interval, ApiService, KeyService, CookieService, ExternalLoginService) {
|
|
$scope.signingIn = false;
|
|
$scope.providerInfo = ExternalLoginService.getProvider($scope.provider);
|
|
|
|
$scope.startSignin = function() {
|
|
$scope.signInStarted({'service': $scope.provider});
|
|
ApiService.generateExternalLoginToken().then(function(data) {
|
|
var url = ExternalLoginService.getLoginUrl($scope.provider, $scope.action || 'login');
|
|
url = url + '&state=' + encodeURIComponent(data['token']);
|
|
|
|
// Save the redirect URL in a cookie so that we can redirect back after the service returns to us.
|
|
var redirectURL = $scope.redirectUrl || window.location.toString();
|
|
CookieService.putPermanent('quay.redirectAfterLoad', redirectURL);
|
|
|
|
// Needed to ensure that UI work done by the started callback is finished before the location
|
|
// changes.
|
|
$scope.signingIn = true;
|
|
$timeout(function() {
|
|
document.location = url;
|
|
}, 250);
|
|
}, ApiService.errorDisplay('Could not perform sign in'));
|
|
};
|
|
}
|
|
};
|
|
return directiveDefinitionObject;
|
|
});
|
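Review bot: `url = url + '&state=' + encodeURIComponent(data['token']);` assumes the value returned by `ExternalLoginService.getLoginUrl` already carries a query string; if that helper can return a URL without one (not visible here), the parameter is emitted as `...&state=` and the provider may drop it, so the server-side CSRF comparison on return would fail for a legitimate login. Making the separator explicit avoids depending on the helper's output shape: `url += (url.indexOf('?') === -1 ? '?' : '&') + 'state=' + encodeURIComponent(data['token']);`. The callback also trusts `data['token']` unconditionally — a missing or empty token still redirects the browser with `state=undefined`, starting a flow the server has no stored value to check against; a guard such as `if (!data['token']) { ApiService.errorDisplay('Could not perform sign in')(); return; }` before the URL is built keeps the client from launching an unverifiable flow. A one-line comment above the `&state=` line stating that the token is the CSRF value the server stored for this session and must round-trip unmodified would also help the next reader see why it is not optional.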