210 lines
5.4 KiB
JavaScript
210 lines
5.4 KiB
JavaScript
(function(){
|
|
'use strict';
|
|
//This is how the world accesses it!
|
|
var Auth = window.$Auth = {};
|
|
var error;
|
|
var expireListeners = [];
|
|
|
|
//Init should be called before any other functions are used
|
|
//settings: {
|
|
// clientID: client_id for oauth request
|
|
// redirectURI: where redirect to with the token after authorizing
|
|
// authEndpoint: OAuth endpoint to retrieve token
|
|
// requiredPerms: what permissions to request from the user
|
|
//}
|
|
Auth.init = function(settings) {
|
|
var isValid = Auth.verifySettings(settings);
|
|
if(!isValid) {
|
|
console.error("authenticator($Auth) initialized with invalid settings! \
|
|
There may be problems...");
|
|
}
|
|
Auth.settings = {};
|
|
Auth.settings.clientID = settings.clientID;
|
|
Auth.settings.redirectURI = settings.redirectURI;
|
|
Auth.settings.authEndpoint = settings.authEndpoint;
|
|
Auth.settings.requiredPerms = settings.requiredPerms;
|
|
|
|
if(Auth.getToken()) {
|
|
if(Date.now() >= Auth.getToken().expiresTime) {
|
|
Auth.removeToken();
|
|
} else {
|
|
window.setTimeout(Auth.expire, Auth.getToken().expiresTime - Date.now());
|
|
}
|
|
}
|
|
|
|
if(window.location.hash !== "") {
|
|
var hashParams = Auth.parseParams(window.location.hash);
|
|
|
|
if(hashParams.error_reason) {
|
|
error = error_reason;
|
|
window.location.hash = "";
|
|
}
|
|
if(hashParams.access_token) {
|
|
if(hashParams.state === Auth.getState()) {
|
|
Auth.setToken(hashParams.access_token, hashParams.expires_in);
|
|
} else {
|
|
console.error("Invalid state! Something fishy here. Ignoring token...");
|
|
console.error("Our state: ", hashParams.state, " Received state: ", hashParams.state);
|
|
}
|
|
clearHash();
|
|
}
|
|
}
|
|
|
|
return isValid;
|
|
};
|
|
|
|
//Used to verify a settings object for init. Also checked before each call
|
|
//that uses the settings.
|
|
Auth.verifySettings = function(settings) {
|
|
return (
|
|
settings &&
|
|
settings.clientID &&
|
|
settings.redirectURI &&
|
|
settings.authEndpoint &&
|
|
Object.prototype.toString.call(settings.requiredPerms) === '[object Array]'
|
|
);
|
|
};
|
|
|
|
//Test if the current $Auth.settings are valid.
|
|
Auth.isInit = function(){
|
|
return Auth.verifySettings(Auth.settings);
|
|
};
|
|
|
|
Auth.isAuthed = function() {
|
|
return Auth.getToken();
|
|
};
|
|
|
|
Auth.wasError = function() {
|
|
return error;
|
|
};
|
|
|
|
//Redirect to the auth endpoint and request an implicit authorization
|
|
// according to the current $Auth.settings.
|
|
Auth.gotoAuth = function() {
|
|
if(!Auth.isInit()) {
|
|
console.error(
|
|
"Error! Please configure with $Auth.init() before using $Auth"
|
|
);
|
|
}
|
|
redirectToAuthEndpoint();
|
|
|
|
};
|
|
|
|
//User needs to know when things have expires so they can react to it.
|
|
|
|
|
|
Auth.addExpireListener = function(listener) {
|
|
expireListeners.push (listener);
|
|
};
|
|
|
|
Auth.removeExpireListener = function(listener) {
|
|
expireListeners.forEach(function(element, i) {
|
|
if(element === listener) {
|
|
expireListeners[i] = undefined;
|
|
}
|
|
});
|
|
};
|
|
|
|
Auth.addExpireListener = function(listener) {
|
|
expireListeners.push (listener);
|
|
};
|
|
|
|
Auth.removeExpireListener = function(listener) {
|
|
expireListeners.forEach(function(element, i) {
|
|
if(element === listener) {
|
|
expireListeners[i] = undefined;
|
|
}
|
|
});
|
|
};
|
|
Auth.expire = function() {
|
|
Auth.removeToken();
|
|
expireListeners.forEach(function(listener) {
|
|
if(typeof listener === "function") {
|
|
listener();
|
|
}
|
|
});
|
|
};
|
|
|
|
Auth.parseParams = function(params) {
|
|
var result = params.slice(1).split("&").reduce(function(obj, param) {
|
|
var parsed = param.split("=");
|
|
obj[parsed[0]] = decodeURIComponent(parsed[1]);
|
|
return obj;
|
|
}, {});
|
|
return result;
|
|
};
|
|
|
|
Auth.encodeParams = function(paramObj) {
|
|
return Object.keys(paramObj).map(function(key) {
|
|
return key + "=" + encodeURIComponent(paramObj[key]);
|
|
}).join("&");
|
|
|
|
};
|
|
|
|
Auth.getToken = function() {
|
|
try {
|
|
return JSON.parse(window.localStorage.getItem("$Auth_token"));
|
|
} catch (e) {
|
|
console.error("Error parsing token string from storage.")
|
|
throw e;
|
|
}
|
|
};
|
|
|
|
Auth.setToken = function(value, expires) {
|
|
var token = {
|
|
value: value,
|
|
expiresTime: Date.now() + expires * 1000
|
|
};
|
|
window.setTimeout(Auth.expire, expires * 1000 - 60000);
|
|
|
|
window.localStorage.setItem("$Auth_token", JSON.stringify(token));
|
|
};
|
|
|
|
Auth.removeToken = function() {
|
|
window.localStorage.removeItem("$Auth_token");
|
|
};
|
|
|
|
Auth.getState = function() {
|
|
if(!window.localStorage.getItem("$Auth_state")) {
|
|
window.localStorage.setItem("$Auth_state", get15RandomSafeChars());
|
|
}
|
|
return window.localStorage.getItem("$Auth_state");
|
|
};
|
|
|
|
function redirectToAuthEndpoint(perms) {
|
|
var payload = {
|
|
client_id: Auth.settings.clientID,
|
|
redirect_uri: Auth.settings.redirectURI,
|
|
state: Auth.getState(),
|
|
response_type: "token",
|
|
scope: Auth.settings.requiredPerms.join(" ")
|
|
}
|
|
|
|
window.location = Auth.settings.authEndpoint + "?" + Auth.encodeParams(payload);
|
|
}
|
|
|
|
function get15RandomSafeChars() {
|
|
var characters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_";
|
|
var string = "";
|
|
var numbers = [0,1,2].map(function() {
|
|
return Math.floor(Math.random() * Math.pow(2,32));
|
|
});
|
|
numbers.forEach(function(num) {
|
|
var bits = num;
|
|
for(var i = 0; i < 5; ++i) {
|
|
string += characters[bits & 0x3f];
|
|
bits = bits >> 6;
|
|
}
|
|
});
|
|
return string;
|
|
}
|
|
function clearHash() {
|
|
if(window.history && typeof window.history.replaceState !== "undefined") {
|
|
history.replaceState({}, "", window.location.pathname + window.location.search);
|
|
} else {
|
|
window.location.hash = "";
|
|
}
|
|
}
|
|
|
|
})();
|