oauth2-client-demo/implicit.html

<html>
    <head>
        <meta charset="utf-8">
        <title>OAuth2 Demo Login</title>
        <link rel="stylesheet" href="brutalist.css" />
        <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
        <script src="./infos.js"></script>
    </head>
    <body>
        <script>
        </script>
        <h1>Yolo App login page</h1>
        <p>Authorization process done!</p>
        <a href="/index.html">← go back to main page</a>
        <h2>Authorization Status</h2>
        <pre class="code" id="authorization_status"></pre>
        <div id="error-info"></div>
        <h3>State</h3>
        The process should also return the state provided.
        <pre class="code" id="state-param"></pre>
        <div id="onaccesstoken">
            <h2>Access Token</h2>
            <p>The access token is generated by the Authentication server and
                send back to the client via the resource's owner user-agent</p>
            <p>Access tokens live a short time (about 10 min to 1 hour)</p>
            <p>For us, it is a JWT:</p>
            <pre class="code" id="accesstoken-param"></pre>
            <p>Which once decoded is:</p>
            <pre class="code" id="accesstoken-token"></pre>
            <h2>Using the API</h2>
            <h2>API Call</h2>
            <p>API URL: <code id="apiurl" class="code">Nothing yet.</code></p>
            <div class="button"
                 onclick="makeApiCall();">
                Make an API call with the access token
            </div>
            <p>API URL: <code id="apiurl" class="code">Nothing yet.</code></p>
            <pre id="apiresponse" class="code">Nothing yet.</pre>
        </div>
        <script>
         /* ----- */
         function getJsonFromUrl() {
             var query = location.search.substr(1);
             var result = {};
             query.split("&").forEach(function(part) {
                 var item = part.split("=");
                 result[item[0]] = decodeURIComponent(item[1]);
             });
             return result;
         }
         function getHashParams() {
             var hashParams={};
             var e,
                 a = /\+/g,  // Regex for replacing addition symbol with a space
                 r = /([^&;=]+)=?([^&;]*)/g,
                 d = function (s) { return decodeURIComponent(s.replace(a, " ")); },
                 q = window.location.hash.substring(1);
             while (e = r.exec(q))
                 hashParams[d(e[1])] = d(e[2]);
             return hashParams;
         }
         var params=getHashParams();
         var authstatus="";
         if (params.error) {
             authstatus = "REFUSED: " + params.error;
             if (params.error_description) {
                 authstatus += "\n\n" + params.error_description;
             }
             if (params.invalid_parameter) {
                 authstatus += "\n\nInvalid parameter: " + params.invalid_parameter;
             }
             if (params.error_uri) {
                 authstatus += "\n\n<a href='" + decodeURIComponent(params.error_uri) + "'>" + decodeURIComponent(params.error_uri) + "</a>";
             }
             $('#authorization_status').addClass('refused');
             $('#onaccesstoken').hide();
         } else {
             if (params.access_token) {
                 authstatus = "AUTHORIZED" ;
                 $('#authorization_status').addClass('authorized');
             } else {
                 authstatus = "UNKNOWN" ;
                 $('#onaccesstoken').hide();
                 $('#state-param').html("No state");
             }
         }
         $('#urltoken').html( oauthServerTokenUrl );
         $('#apiurl').html( resourceProviderTestEndpoint );
         $('#authorization_status').html( authstatus );
         $('#state-param').html(params.state);
         if (params.error_uri) {
             var erroruri=decodeURIComponent(params.error_uri);
             $('#error-info').html("<p>You can have more informations here:</p><a href=\"" + erroruri + "\" target=\"_blank\">" + erroruri + "</a>");
         }

         function jwtDecode(t) {
             let token = {};
             token.raw = t;
             token.header = JSON.parse(window.atob(t.split('.')[0]));
             token.payload = JSON.parse(window.atob(t.split('.')[1]));
             return (token)
         }
         var jwt=jwtDecode(params.access_token).payload;
         $('#accesstoken-param').html(params.access_token);
         $('#accesstoken-token').html(JSON.stringify(jwt,null,2));
         var accessToken=params.access_token;
         var makeApiCall = function() {
             var onError = function(jqXHR,textStatus,errorThrown){
                 $('#apiresponse').html(errorThrown + " status: " + jqXHR.status
                                + "\n---\n"
                                + JSON.stringify(jqXHR.responseJSON,null,2))}
             var onSuccess = function(data,textStatus,jqXHR) {
                 $("#apiresponse").html(data
                                      + "\n---\n"
                                      + JSON.stringify(jqXHR.responseJSON,null,2));}
             $.ajax({
                 type: "GET"
                 , beforeSend: function(request) {request.setRequestHeader("Authorization","Bearer " + accessToken)}
                 , success: onSuccess
                 , error: onError
                 , url: resourceProviderTestEndpoint
                 , contentType: 'application/json'
                 , crossDomain: true
             });
         };
        </script>
    </body>
</html>
initial commit 2018-02-08 16:11:19 +00:00			`<html>`
			`<head>`
utf-8 + back to main page 2018-02-08 16:24:05 +00:00			`<meta charset="utf-8">`
initial commit 2018-02-08 16:11:19 +00:00			`<title>OAuth2 Demo Login</title>`
stripes + central css 2018-02-08 16:38:15 +00:00			`<link rel="stylesheet" href="brutalist.css" />`
adding token retrieving 2018-02-09 06:45:04 +00:00			`<script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>`
easier to configure version 2018-04-16 14:09:37 +00:00			`<script src="./infos.js"></script>`
initial commit 2018-02-08 16:11:19 +00:00			`</head>`
			`<body>`
			`<script>`
			`</script>`
			`<h1>Yolo App login page</h1>`
			`<p>Authorization process done!</p>`
utf-8 + back to main page 2018-02-08 16:24:05 +00:00			`<a href="/index.html">← go back to main page</a>`
show errors if needed 2018-02-20 12:46:01 +00:00			`<h2>Authorization Status</h2>`
			`<pre class="code" id="authorization_status"></pre>`
display error_uri 2018-02-20 12:59:48 +00:00			`<div id="error-info"></div>`
show errors if needed 2018-02-20 12:46:01 +00:00			`<h3>State</h3>`
			`The process should also return the state provided.`
			`<pre class="code" id="state-param"></pre>`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`<div id="onaccesstoken">`
			`<h2>Access Token</h2>`
			`<p>The access token is generated by the Authentication server and`
			`send back to the client via the resource's owner user-agent</p>`
			`<p>Access tokens live a short time (about 10 min to 1 hour)</p>`
hide interactive part on error 2018-02-20 13:03:40 +00:00			`<p>For us, it is a JWT:</p>`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`<pre class="code" id="accesstoken-param"></pre>`
hide interactive part on error 2018-02-20 13:03:40 +00:00			`<p>Which once decoded is:</p>`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`<pre class="code" id="accesstoken-token"></pre>`
hide interactive part on error 2018-02-20 13:03:40 +00:00			`<h2>Using the API</h2>`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`<h2>API Call</h2>`
			`<p>API URL: <code id="apiurl" class="code">Nothing yet.</code></p>`
hide interactive part on error 2018-02-20 13:03:40 +00:00			`<div class="button"`
			`onclick="makeApiCall();">`
			`Make an API call with the access token`
			`</div>`
added more informations in the login page 2018-04-24 11:41:53 +00:00			`<p>API URL: <code id="apiurl" class="code">Nothing yet.</code></p>`
hide interactive part on error 2018-02-20 13:03:40 +00:00			`<pre id="apiresponse" class="code">Nothing yet.</pre>`
better interaction for demos 2018-02-13 16:56:05 +00:00			`</div>`
adding token retrieving 2018-02-09 06:45:04 +00:00			`<script>`
use REAL Basic Auth 2018-02-28 09:42:24 +00:00			`/* ----- */`
show errors if needed 2018-02-20 12:46:01 +00:00			`function getJsonFromUrl() {`
			`var query = location.search.substr(1);`
			`var result = {};`
			`query.split("&").forEach(function(part) {`
			`var item = part.split("=");`
			`result[item[0]] = decodeURIComponent(item[1]);`
			`});`
			`return result;`
			`}`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`function getHashParams() {`
			`var hashParams={};`
			`var e,`
			`a = /\+/g, // Regex for replacing addition symbol with a space`
			`r = /([^&;=]+)=?([^&;]*)/g,`
			`d = function (s) { return decodeURIComponent(s.replace(a, " ")); },`
			`q = window.location.hash.substring(1);`
			`while (e = r.exec(q))`
			`hashParams[d(e[1])] = d(e[2]);`
			`return hashParams;`
			`}`
			`var params=getHashParams();`
show errors if needed 2018-02-20 12:46:01 +00:00			`var authstatus="";`
			`if (params.error) {`
			`authstatus = "REFUSED: " + params.error;`
better error message display 2018-04-23 13:23:56 +00:00			`if (params.error_description) {`
			`authstatus += "\n\n" + params.error_description;`
			`}`
:construction: implicit workflow 2018-05-04 16:35:45 +00:00			`if (params.invalid_parameter) {`
			`authstatus += "\n\nInvalid parameter: " + params.invalid_parameter;`
			`}`
better error message display 2018-04-23 13:23:56 +00:00			`if (params.error_uri) {`
:construction: implicit workflow 2018-05-04 16:35:45 +00:00			`authstatus += "\n\n<a href='" + decodeURIComponent(params.error_uri) + "'>" + decodeURIComponent(params.error_uri) + "</a>";`
better error message display 2018-04-23 13:23:56 +00:00			`}`
show errors if needed 2018-02-20 12:46:01 +00:00			`$('#authorization_status').addClass('refused');`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`$('#onaccesstoken').hide();`
show errors if needed 2018-02-20 12:46:01 +00:00			`} else {`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`if (params.access_token) {`
show a blank state when goind directly to the page without params 2018-02-21 16:49:20 +00:00			`authstatus = "AUTHORIZED" ;`
			`$('#authorization_status').addClass('authorized');`
			`} else {`
			`authstatus = "UNKNOWN" ;`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`$('#onaccesstoken').hide();`
show a blank state when goind directly to the page without params 2018-02-21 16:49:20 +00:00			`$('#state-param').html("No state");`
			`}`
show errors if needed 2018-02-20 12:46:01 +00:00			`}`
added more informations in the login page 2018-04-24 11:41:53 +00:00			`$('#urltoken').html( oauthServerTokenUrl );`
			`$('#apiurl').html( resourceProviderTestEndpoint );`
show errors if needed 2018-02-20 12:46:01 +00:00			`$('#authorization_status').html( authstatus );`
			`$('#state-param').html(params.state);`
display error_uri 2018-02-20 12:59:48 +00:00			`if (params.error_uri) {`
			`var erroruri=decodeURIComponent(params.error_uri);`
			`$('#error-info').html("<p>You can have more informations here:</p><a href=\"" + erroruri + "\" target=\"_blank\">" + erroruri + "</a>");`
			`}`
show errors if needed 2018-02-20 12:46:01 +00:00
			`function jwtDecode(t) {`
			`let token = {};`
			`token.raw = t;`
			`token.header = JSON.parse(window.atob(t.split('.')[0]));`
			`token.payload = JSON.parse(window.atob(t.split('.')[1]));`
			`return (token)`
			`}`
Implicit grant updated 2018-05-09 15:25:49 +00:00			`var jwt=jwtDecode(params.access_token).payload;`
			`$('#accesstoken-param').html(params.access_token);`
			`$('#accesstoken-token').html(JSON.stringify(jwt,null,2));`
			`var accessToken=params.access_token;`
full demo with API call 2018-02-13 17:24:01 +00:00			`var makeApiCall = function() {`
cleaner text 2018-02-13 17:34:42 +00:00			`var onError = function(jqXHR,textStatus,errorThrown){`
full demo with API call 2018-02-13 17:24:01 +00:00			`$('#apiresponse').html(errorThrown + " status: " + jqXHR.status`
			`+ "\n---\n"`
			`+ JSON.stringify(jqXHR.responseJSON,null,2))}`
cleaner text 2018-02-13 17:34:42 +00:00			`var onSuccess = function(data,textStatus,jqXHR) {`
full demo with API call 2018-02-13 17:24:01 +00:00			`$("#apiresponse").html(data`
			`+ "\n---\n"`
			`+ JSON.stringify(jqXHR.responseJSON,null,2));}`
			`$.ajax({`
			`type: "GET"`
			`, beforeSend: function(request) {request.setRequestHeader("Authorization","Bearer " + accessToken)}`
cleaner text 2018-02-13 17:34:42 +00:00			`, success: onSuccess`
			`, error: onError`
fixed conf 2018-04-19 14:43:15 +00:00			`, url: resourceProviderTestEndpoint`
full demo with API call 2018-02-13 17:24:01 +00:00			`, contentType: 'application/json'`
			`, crossDomain: true`
			`});`
			`};`
adding token retrieving 2018-02-09 06:45:04 +00:00			`</script>`
initial commit 2018-02-08 16:11:19 +00:00			`</body>`
			`</html>`