Diffstat (limited to 'remoting/webapp/oauth2.js')
-rw-r--r-- | remoting/webapp/oauth2.js | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/remoting/webapp/oauth2.js b/remoting/webapp/oauth2.js
index 6cc4b93..ce0da2d 100644
--- a/remoting/webapp/oauth2.js
+++ b/remoting/webapp/oauth2.js
@@ -267,6 +267,8 @@ remoting.OAuth2.prototype.onTokens_ =
 * @return {void} Nothing.
 */
 remoting.OAuth2.prototype.doAuthRedirect = function() {
+ /** @type {remoting.OAuth2} */
+ var that = this;
 var xsrf_token = remoting.generateXsrfToken();
 window.localStorage.setItem(this.KEY_XSRF_TOKEN_, xsrf_token);
 var GET_CODE_URL = this.getOAuth2AuthEndpoint_() + '?' +
@@ -279,7 +281,34 @@ remoting.OAuth2.prototype.doAuthRedirect = function() {
 'access_type': 'offline',
 'approval_prompt': 'force'
 });
- window.location.replace(GET_CODE_URL);
+
+ /**
+ * Processes the results of the oauth flow.
+ *
+ * @param {Object.<string, string>} message Dictionary containing the parsed
+ * OAuth redirect URL parameters.
+ */
+ function oauth2MessageListener(message) {
+ if ('code' in message && 'state' in message) {
+ var onDone = function() {
+ window.location.reload();
+ };
+ that.exchangeCodeForToken(
+ message['code'], message['state'], onDone);
+ } else {
+ if ('error' in message) {
+ console.error(
+ 'Could not obtain authorization code: ' + message['error']);
+ } else {
+ // We intentionally don't log the response - since we don't understand
+ // it, we can't tell if it has sensitive data.
+ console.error('Invalid oauth2 response.');
+ }
+ }
+ chrome.extension.onMessage.removeListener(oauth2MessageListener);
+ }
+ chrome.extension.onMessage.addListener(oauth2MessageListener);
+ window.open(GET_CODE_URL, '_blank', 'location=yes,toolbar=no,menubar=no');
 };
 
 /** |
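Review bot: `oauth2MessageListener` in the second hunk treats the first message of any kind on `chrome.extension.onMessage` as the OAuth result: it takes only `message`, ignores the `sender` argument, and unregisters itself even when the message carries neither `code` nor `error`, so an unrelated message from another page or content script of the extension ends the flow, and a non-object message makes `'code' in message` throw before `removeListener` runs. I would accept the `sender` parameter, return early for anything that is not the expected redirect message (for example `if (!message || typeof message != 'object' || !('code' in message || 'error' in message)) return;`), and remove the listener only after handling a recognised one. Whether `state` is compared with the token stored under `KEY_XSRF_TOKEN_` depends on `exchangeCodeForToken`, which is outside this diff; that check should be confirmed, since the code and state now appear to arrive through extension messaging instead of the page's own navigation. The part of `doAuthRedirect` between the two hunks is not shown.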