fix: address OAuth review findings (redirect_uri, binding, timeout, CRLF, DRY)
This commit is contained in:
@@ -8,23 +8,23 @@ import java.io.PrintWriter
|
||||
import java.net.InetSocketAddress
|
||||
import java.net.ServerSocket
|
||||
import java.net.URI
|
||||
import java.net.URLDecoder
|
||||
import java.net.URLEncoder
|
||||
import kotlin.concurrent.thread
|
||||
|
||||
class DesktopOAuthClient : OAuthClient {
|
||||
|
||||
private var serverPort: Int = 0
|
||||
|
||||
override fun redirectUri(): String = "http://localhost:$serverPort/callback"
|
||||
override fun redirectUri(): String = "myice://callback"
|
||||
|
||||
override suspend fun authenticate(loginUrl: String): String? {
|
||||
val server = ServerSocket()
|
||||
server.bind(InetSocketAddress(0))
|
||||
serverPort = server.localPort
|
||||
server.bind(InetSocketAddress("127.0.0.1", 0))
|
||||
val serverPort = server.localPort
|
||||
|
||||
val redirectUri = "http://localhost:$serverPort/callback"
|
||||
val fullLoginUrl = loginUrl + "&redirect_uri=" + URLEncoder.encode(redirectUri, "UTF-8")
|
||||
val realRedirectUri = "http://localhost:$serverPort/callback"
|
||||
val fullLoginUrl = loginUrl.replace(
|
||||
"redirect_uri=myice://callback",
|
||||
"redirect_uri=" + URLEncoder.encode(realRedirectUri, "UTF-8")
|
||||
)
|
||||
|
||||
val deferred = CompletableDeferred<String?>()
|
||||
|
||||
@@ -47,28 +47,22 @@ class DesktopOAuthClient : OAuthClient {
|
||||
</script>
|
||||
</body></html>
|
||||
""".trimIndent()
|
||||
writer.println("HTTP/1.1 200 OK")
|
||||
writer.println("Content-Type: text/html")
|
||||
writer.println("Connection: close")
|
||||
writer.println()
|
||||
writer.println(html)
|
||||
writer.print("HTTP/1.1 200 OK\r\n")
|
||||
writer.print("Content-Type: text/html\r\n")
|
||||
writer.print("Connection: close\r\n")
|
||||
writer.print("\r\n")
|
||||
writer.print(html)
|
||||
writer.flush()
|
||||
} else if (path.startsWith("/token")) {
|
||||
val query = path.substringAfter("?")
|
||||
val params = query.split("&").associate { pair ->
|
||||
val idx = pair.indexOf("=")
|
||||
if (idx >= 0) {
|
||||
pair.substring(0, idx) to URLDecoder.decode(pair.substring(idx + 1), "UTF-8")
|
||||
} else pair to ""
|
||||
}
|
||||
val token = params["access_token"]
|
||||
val token = parseAccessTokenFromFragment(query)
|
||||
deferred.complete(token)
|
||||
|
||||
writer.println("HTTP/1.1 200 OK")
|
||||
writer.println("Content-Type: text/html")
|
||||
writer.println("Connection: close")
|
||||
writer.println()
|
||||
writer.println("<html><body><h1>Authentication complete. You can close this window.</h1></body></html>")
|
||||
writer.print("HTTP/1.1 200 OK\r\n")
|
||||
writer.print("Content-Type: text/html\r\n")
|
||||
writer.print("Connection: close\r\n")
|
||||
writer.print("\r\n")
|
||||
writer.print("<html><body><h1>Authentication complete. You can close this window.</h1></body></html>")
|
||||
writer.flush()
|
||||
socket.close()
|
||||
break
|
||||
@@ -82,8 +76,17 @@ class DesktopOAuthClient : OAuthClient {
|
||||
}
|
||||
}
|
||||
|
||||
Desktop.getDesktop().browse(URI(fullLoginUrl))
|
||||
try {
|
||||
Desktop.getDesktop().browse(URI(fullLoginUrl))
|
||||
} catch (e: Exception) {
|
||||
server.close()
|
||||
return null
|
||||
}
|
||||
|
||||
return deferred.await()
|
||||
return try {
|
||||
deferred.await()
|
||||
} finally {
|
||||
server.close()
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user