diff options
| author | rmsousa@chromium.org <rmsousa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-09-20 20:22:49 +0000 |
|---|---|---|
| committer | rmsousa@chromium.org <rmsousa@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2013-09-20 20:22:49 +0000 |
| commit | a9b48c0e02d06fcda99fd358c02d9fc38b185031 (patch) | |
| tree | aa254d47bd9db9035c98608cd268a7bba953280f /remoting | |
| parent | 86c71f70fe9e419c95b48c4b4eaddcd8304483ad (diff) | |
| download | chromium_src-a9b48c0e02d06fcda99fd358c02d9fc38b185031.zip chromium_src-a9b48c0e02d06fcda99fd358c02d9fc38b185031.tar.gz chromium_src-a9b48c0e02d06fcda99fd358c02d9fc38b185031.tar.bz2 | |
Fix OAuth "trampoline" content script to send a message with the oauth results rather than using a redirect into the extension.
BUG=291207
Review URL: https://chromiumcodereview.appspot.com/23891005
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@224474 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'remoting')
| -rw-r--r-- | remoting/remoting.gyp | 2 | ||||
| -rw-r--r-- | remoting/webapp/cs_oauth2_trampoline.js | 12 | ||||
| -rw-r--r-- | remoting/webapp/jscompiler_hacks.js | 27 | ||||
| -rw-r--r-- | remoting/webapp/oauth2.js | 31 | ||||
| -rw-r--r-- | remoting/webapp/oauth2_callback.html | 16 | ||||
| -rw-r--r-- | remoting/webapp/oauth2_callback.js | 39 |
6 files changed, 44 insertions, 83 deletions
diff --git a/remoting/remoting.gyp b/remoting/remoting.gyp index a8bda51..092fbb6 100644 --- a/remoting/remoting.gyp +++ b/remoting/remoting.gyp @@ -135,7 +135,6 @@ 'webapp/main.html', 'webapp/manifest.json', 'webapp/menu_button.css', - 'webapp/oauth2_callback.html', 'webapp/open_sans.css', 'webapp/open_sans.woff', 'webapp/scale-to-fit.webp', @@ -173,7 +172,6 @@ 'webapp/menu_button.js', 'webapp/oauth2.js', 'webapp/oauth2_api.js', - 'webapp/oauth2_callback.js', 'webapp/paired_client_manager.js', 'webapp/plugin_settings.js', 'webapp/remoting.js', diff --git a/remoting/webapp/cs_oauth2_trampoline.js b/remoting/webapp/cs_oauth2_trampoline.js index efe3fa4..0cf2327 100644 --- a/remoting/webapp/cs_oauth2_trampoline.js +++ b/remoting/webapp/cs_oauth2_trampoline.js @@ -13,6 +13,14 @@ var unofficialPath = '/talkgadget/oauth/chrome-remote-desktop/dev'; if (window.location.pathname == officialPath || window.location.pathname == unofficialPath) { - window.location.replace( - chrome.extension.getURL('oauth2_callback.html') + window.location.search); + var query = window.location.search.substring(1); + var parts = query.split('&'); + var queryArgs = {}; + for (var i = 0; i < parts.length; i++) { + var pair = parts[i].split('='); + queryArgs[decodeURIComponent(pair[0])] = decodeURIComponent(pair[1]); + } + + chrome.extension.sendMessage(queryArgs); + window.close(); } diff --git a/remoting/webapp/jscompiler_hacks.js b/remoting/webapp/jscompiler_hacks.js index 57c9419..94c3ba1 100644 --- a/remoting/webapp/jscompiler_hacks.js +++ b/remoting/webapp/jscompiler_hacks.js @@ -127,28 +127,7 @@ chrome.app.window = { */ chrome.contextMenus = { /** @type {chrome.Event} */ - onClicked: null, - /** - * @param {!Object} createProperties - * @param {function()=} opt_callback - * @return {string|number} - */ - create: function(createProperties, opt_callback) {}, - /** - * @param {string|number} menuItemId - * @param {function()=} opt_callback - */ - remove: function(menuItemId, opt_callback) {}, - /** - * @param {function()=} opt_callback - */ - removeAll: function(opt_callback) {}, - /** - * @param {string|number} id - * @param {!Object} updateProperties - * @param {function()=} opt_callback - */ - update: function(id, updateProperties, opt_callback) {} + onClicked: null }; /** @type {Object} */ @@ -234,7 +213,9 @@ chrome.Window = function() { this.type = ''; }; -/** @param {string} message*/ +/** + * @param {*} message + */ chrome.extension.sendMessage = function(message) {} /** @type {chrome.Event} */ diff --git a/remoting/webapp/oauth2.js b/remoting/webapp/oauth2.js index 6cc4b93..ce0da2d 100644 --- a/remoting/webapp/oauth2.js +++ b/remoting/webapp/oauth2.js @@ -267,6 +267,8 @@ remoting.OAuth2.prototype.onTokens_ = * @return {void} Nothing. */ remoting.OAuth2.prototype.doAuthRedirect = function() { + /** @type {remoting.OAuth2} */ + var that = this; var xsrf_token = remoting.generateXsrfToken(); window.localStorage.setItem(this.KEY_XSRF_TOKEN_, xsrf_token); var GET_CODE_URL = this.getOAuth2AuthEndpoint_() + '?' + @@ -279,7 +281,34 @@ remoting.OAuth2.prototype.doAuthRedirect = function() { 'access_type': 'offline', 'approval_prompt': 'force' }); - window.location.replace(GET_CODE_URL); + + /** + * Processes the results of the oauth flow. + * + * @param {Object.<string, string>} message Dictionary containing the parsed + * OAuth redirect URL parameters. + */ + function oauth2MessageListener(message) { + if ('code' in message && 'state' in message) { + var onDone = function() { + window.location.reload(); + }; + that.exchangeCodeForToken( + message['code'], message['state'], onDone); + } else { + if ('error' in message) { + console.error( + 'Could not obtain authorization code: ' + message['error']); + } else { + // We intentionally don't log the response - since we don't understand + // it, we can't tell if it has sensitive data. + console.error('Invalid oauth2 response.'); + } + } + chrome.extension.onMessage.removeListener(oauth2MessageListener); + } + chrome.extension.onMessage.addListener(oauth2MessageListener); + window.open(GET_CODE_URL, '_blank', 'location=yes,toolbar=no,menubar=no'); }; /** diff --git a/remoting/webapp/oauth2_callback.html b/remoting/webapp/oauth2_callback.html deleted file mode 100644 index 764c7b6..0000000 --- a/remoting/webapp/oauth2_callback.html +++ /dev/null @@ -1,16 +0,0 @@ -<!doctype html> -<!-- -Copyright (c) 2011 The Chromium Authors. All rights reserved. -Use of this source code is governed by a BSD-style license that can be -found in the LICENSE file. ---> - -<html> - <head> - <script src="oauth2.js"></script> - <script src="oauth2_api.js"></script> - <script src="plugin_settings.js"></script> - <script src="xhr.js"></script> - <script src="oauth2_callback.js"></script> - </head> -</html> diff --git a/remoting/webapp/oauth2_callback.js b/remoting/webapp/oauth2_callback.js deleted file mode 100644 index 3517935..0000000 --- a/remoting/webapp/oauth2_callback.js +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -/** - * @fileoverview - * OAuth2 class that handles retrieval/storage of an OAuth2 token. - * - * Uses a content script to trampoline the OAuth redirect page back into the - * extension context. This works around the lack of native support for - * chrome-extensions in OAuth2. - */ - -'use strict'; - -var remoting = remoting || {}; - -function retrieveRefreshToken() { - var query = window.location.search.substring(1); - var parts = query.split('&'); - var queryArgs = {}; - for (var i = 0; i < parts.length; i++) { - var pair = parts[i].split('='); - queryArgs[pair[0]] = pair[1]; - } - - if ('code' in queryArgs && 'state' in queryArgs) { - remoting.settings = new remoting.Settings(); - var oauth2 = new remoting.OAuth2(); - oauth2.exchangeCodeForToken(queryArgs['code'], queryArgs['state'], - function() { - window.location.replace(chrome.extension.getURL('main.html')); - }); - } else { - window.location.replace(chrome.extension.getURL('main.html')); - } -} - -window.addEventListener('load', retrieveRefreshToken, false); |