Commit
·
e6e3c41
1
Parent(s):
38f0739
Update index.js
index.js
CHANGED
|
@@ -82,8 +82,9 @@ async function oauthLogin(opts) {
|
|
| 82 |
throw new Error("Missing oauth state from query parameters in redirected URL");
|
| 83 |
}
|
| 84 |
|
| 85 |
-
|
| 86 |
-
|
|
|
|
| 87 |
throw new Error("Invalid oauth state in redirected URL");
|
| 88 |
}
|
| 89 |
|
|
@@ -95,7 +96,7 @@ async function oauthLogin(opts) {
|
|
| 95 |
body: new URLSearchParams({
|
| 96 |
grant_type: "authorization_code",
|
| 97 |
code,
|
| 98 |
-
|
| 99 |
code_verifier: codeVerifier,
|
| 100 |
}).toString(),
|
| 101 |
});
|
|
@@ -137,13 +138,11 @@ async function oauthLogin(opts) {
|
|
| 137 |
isPro: userInfo.isPro,
|
| 138 |
orgs: userInfo.orgs || [],
|
| 139 |
},
|
| 140 |
-
state:
|
| 141 |
scope: token.scope,
|
| 142 |
};
|
| 143 |
}
|
| 144 |
|
| 145 |
-
const opensInNewWindow = false;
|
| 146 |
-
|
| 147 |
const newNonce = crypto.randomUUID();
|
| 148 |
// Two random UUIDs concatenated together, because min length is 43 and max length is 128
|
| 149 |
const newCodeVerifier = crypto.randomUUID() + crypto.randomUUID();
|
|
@@ -151,9 +150,8 @@ async function oauthLogin(opts) {
|
|
| 151 |
localStorage.setItem("huggingface.co:oauth:nonce", newNonce);
|
| 152 |
localStorage.setItem("huggingface.co:oauth:code_verifier", newCodeVerifier);
|
| 153 |
|
| 154 |
-
const state = `${newNonce}:${opts?.state || ""}`;
|
| 155 |
-
|
| 156 |
const redirectUri = opts?.redirectUri || window.location.href;
|
|
|
|
| 157 |
|
| 158 |
// @ts-expect-error window.huggingface is defined inside static Spaces.
|
| 159 |
const variables = window?.huggingface?.variables ?? null;
|
|
@@ -172,33 +170,17 @@ async function oauthLogin(opts) {
|
|
| 172 |
);
|
| 173 |
|
| 174 |
console.log("localstorage after", JSON.parse(JSON.stringify(localStorage)))
|
| 175 |
-
|
| 176 |
-
|
| 177 |
-
|
| 178 |
-
|
| 179 |
-
|
| 180 |
-
|
| 181 |
-
|
| 182 |
-
|
| 183 |
-
|
| 184 |
-
|
| 185 |
-
|
| 186 |
-
}).toString()}`,
|
| 187 |
-
"_blank"
|
| 188 |
-
);
|
| 189 |
-
throw new Error("Opened in new window");
|
| 190 |
-
} else {
|
| 191 |
-
window.location.href = `${opendidConfig.authorization_endpoint}?${new URLSearchParams({
|
| 192 |
-
client_id: clientId,
|
| 193 |
-
scope: opts?.scopes || "openid profile",
|
| 194 |
-
response_type: "code",
|
| 195 |
-
redirect_uri: redirectUri,
|
| 196 |
-
state,
|
| 197 |
-
code_challenge: challenge,
|
| 198 |
-
code_challenge_method: "S256",
|
| 199 |
-
}).toString()}`;
|
| 200 |
-
throw new Error("Redirected");
|
| 201 |
-
}
|
| 202 |
}
|
| 203 |
|
| 204 |
oauthLogin().then(console.log);
|
|
|
|
| 82 |
throw new Error("Missing oauth state from query parameters in redirected URL");
|
| 83 |
}
|
| 84 |
|
| 85 |
+
const [stateNonce, stateRedirectUri, stateVal] = state.split(":");
|
| 86 |
+
|
| 87 |
+
if (stateNonce !== nonce) {
|
| 88 |
throw new Error("Invalid oauth state in redirected URL");
|
| 89 |
}
|
| 90 |
|
|
|
|
| 96 |
body: new URLSearchParams({
|
| 97 |
grant_type: "authorization_code",
|
| 98 |
code,
|
| 99 |
+
redirect_uri: stateRedirectUri,
|
| 100 |
code_verifier: codeVerifier,
|
| 101 |
}).toString(),
|
| 102 |
});
|
|
|
|
| 138 |
isPro: userInfo.isPro,
|
| 139 |
orgs: userInfo.orgs || [],
|
| 140 |
},
|
| 141 |
+
state: stateVal,
|
| 142 |
scope: token.scope,
|
| 143 |
};
|
| 144 |
}
|
| 145 |
|
|
|
|
|
|
|
| 146 |
const newNonce = crypto.randomUUID();
|
| 147 |
// Two random UUIDs concatenated together, because min length is 43 and max length is 128
|
| 148 |
const newCodeVerifier = crypto.randomUUID() + crypto.randomUUID();
|
|
|
|
| 150 |
localStorage.setItem("huggingface.co:oauth:nonce", newNonce);
|
| 151 |
localStorage.setItem("huggingface.co:oauth:code_verifier", newCodeVerifier);
|
| 152 |
|
|
|
|
|
|
|
| 153 |
const redirectUri = opts?.redirectUri || window.location.href;
|
| 154 |
+
const state = `${newNonce}:${redirectUri}:${opts?.state || ""}`;
|
| 155 |
|
| 156 |
// @ts-expect-error window.huggingface is defined inside static Spaces.
|
| 157 |
const variables = window?.huggingface?.variables ?? null;
|
|
|
|
| 170 |
);
|
| 171 |
|
| 172 |
console.log("localstorage after", JSON.parse(JSON.stringify(localStorage)))
|
| 173 |
+
|
| 174 |
+
window.location.href = `${opendidConfig.authorization_endpoint}?${new URLSearchParams({
|
| 175 |
+
client_id: clientId,
|
| 176 |
+
scope: opts?.scopes || "openid profile",
|
| 177 |
+
response_type: "code",
|
| 178 |
+
redirect_uri: redirectUri,
|
| 179 |
+
state,
|
| 180 |
+
code_challenge: challenge,
|
| 181 |
+
code_challenge_method: "S256",
|
| 182 |
+
}).toString()}`;
|
| 183 |
+
throw new Error("Redirected");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 184 |
}
|
| 185 |
|
| 186 |
oauthLogin().then(console.log);
|
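Review bot: `state.split(":")` at new line 85 cannot recover the three fields, because the state built at new line 154 embeds `redirectUri`, and a URL such as `window.location.href` contains `:` after the scheme (and again before any port). As written, `stateRedirectUri` would be only the scheme and `stateVal` a fragment of the URL, so the `redirect_uri` sent in the token request at new line 99 would not match the one used in the authorization request, and a caller-supplied `opts.state` containing `:` would be truncated as well. An unambiguous encoding avoids this: build it with `const state = JSON.stringify({ nonce: newNonce, redirectUri, state: opts?.state || "" });` and read it back with `const { nonce: stateNonce, redirectUri: stateRedirectUri, state: stateVal } = JSON.parse(state);` before the nonce comparison. Alternatively, keep `redirectUri` in localStorage next to the nonce and code verifier, so the value used for the token exchange never comes from the query string. Only parts of `oauthLogin` are visible in these hunks, so how `state` and `nonce` are read back is inferred from the names.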