Rollback openid connect to use code and nonce
Signed-off-by: Gregoire Parant <g.parant@thecodingmachine.com>
parent
4c028bfcb3
commit
89baafba2f
2 changed files with 17 additions and 9 deletions
|
@ -165,6 +165,10 @@ class LocalUserStore {
|
||||||
|
|
||||||
verifyState(value: string): boolean {
|
verifyState(value: string): boolean {
|
||||||
const oldValue = localStorage.getItem(state);
|
const oldValue = localStorage.getItem(state);
|
||||||
|
if (!oldValue) {
|
||||||
|
localStorage.setItem(state, value);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
return oldValue === value;
|
return oldValue === value;
|
||||||
}
|
}
|
||||||
getState(): string | null {
|
getState(): string | null {
|
||||||
|
|
|
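Review bot: The added `if (!oldValue)` branch in `verifyState` makes the state check fail open: when nothing is stored, whatever value arrives is written to localStorage and accepted. The OAuth `state` parameter only protects against login CSRF if a response with no matching pending request is rejected, so the branch should be `if (!oldValue) { return false; }`, with the value stored by a separate setter when the authorization request is created. It would also be worth removing the stored value after a successful comparison so it cannot be reused; whether another method already does that is not visible in this hunk. A short doc comment on `verifyState` saying who is expected to have stored the value beforehand would make the contract clear.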
@ -23,26 +23,30 @@ class OpenIDClient {
|
||||||
return this.issuerPromise;
|
return this.issuerPromise;
|
||||||
}
|
}
|
||||||
|
|
||||||
public authorizationUrl(playUri?: string, redirect?: string) {
|
public authorizationUrl(state: string, nonce: string, playUri?: string, redirect?: string) {
|
||||||
return this.initClient().then((client) => {
|
return this.initClient().then((client) => {
|
||||||
return client.authorizationUrl({
|
return client.authorizationUrl({
|
||||||
scope: "openid email",
|
scope: "openid email",
|
||||||
prompt: "login",
|
prompt: "login",
|
||||||
|
state: state,
|
||||||
|
nonce: nonce,
|
||||||
playUri: playUri,
|
playUri: playUri,
|
||||||
redirect: redirect,
|
redirect: redirect,
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
public getUserInfo(accessToken: string): Promise<{ email: string; sub: string; access_token: string }> {
|
public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string }> {
|
||||||
return this.initClient().then((client) => {
|
return this.initClient().then((client) => {
|
||||||
return client.userinfo(accessToken).then((res) => {
|
return client.callback(OPID_CLIENT_REDIREC_URL, { code }, { nonce }).then((tokenSet) => {
|
||||||
return {
|
return client.userinfo(tokenSet).then((res) => {
|
||||||
...res,
|
return {
|
||||||
email: res.email as string,
|
...res,
|
||||||
sub: res.sub,
|
email: res.email as string,
|
||||||
access_token: accessToken as string,
|
sub: res.sub,
|
||||||
};
|
access_token: tokenSet.access_token as string,
|
||||||
|
};
|
||||||
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
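Review bot: `client.callback(OPID_CLIENT_REDIREC_URL, { code }, { nonce })` in `getUserInfo` checks the nonce but not `state`, although `authorizationUrl` now sends both. With only `code` in the parameters and only `nonce` in the checks, this call has nothing to compare state against, so state validation depends entirely on a caller that is not visible here. Consider taking `state` as a parameter and passing it on both sides, `client.callback(OPID_CLIENT_REDIREC_URL, { code, state }, { nonce, state })`, and confirm that the `nonce` argument comes from session or server-side storage, not from the callback request itself. Separately, `res.email as string` and `tokenSet.access_token as string` hide a possibly undefined value; an explicit check that throws would be safer than the assertions.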