working on javascript compatibility for old browsers

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>

de.srsoftware.oidc.web/src/main/resources/en/scripts/authorization.js

@@ -1,24 +1,35 @@
 var params = new URLSearchParams(window.location.search)
-var json = Object.fromEntries(params);
+var json = paramsToObject(params);
 var scopes = {};
 
+// Replacement for Object.toEntries(…)
+function paramsToObject(entries) {
+  const result = {};
+  for(var key of entries) { // each 'entry' is a [key, value] tupple
+    result[key[0]] = key[1];
+  }
+  return result;
+}
+
+
 function showConfirmationDialog(name){
     get('name').innerHTML = name;
     show('content');
 }
 
-async function showScope(response,scope){
+function showScope(response,scope){
     if (response.ok){
-        var content = await response.text();
+        response.text().then(content => {
-        get('scopes').innerHTML += content;
+            get('scopes').innerHTML += content
+        });
     } else {
         get('scopes').innerHTML += '<li>'+scope+' (???)</li>';
     }
 }
 
-async function handleResponse(response){
+function handleResponse(response){
     if (response.ok){
-        var json = await response.json();
+        response.json().then(json => {
             if (json.rp) {
                 setText("rp",json.rp);
                 setText("rp2",json.rp);
@@ -27,26 +38,29 @@ async function handleResponse(response){
             if (json.unauthorized_scopes){
                 scopes = json.unauthorized_scopes;
                 for (var scope of json.unauthorized_scopes){
-                fetch(web+"scopes/"+scope+".html").then(response => showScope(response,scope))
+                    fetch(web+"scopes/"+scope+".html",{credentials:'include'}).then(response => showScope(response,scope))
                 }
                 show("content");
                 return;
             }
             if (json.scope){
-            var url = params.get('redirect_uri') + '?' + new URLSearchParams(json).toString();
+                var query = Object.keys(json).map(key => `${key}=${encodeURIComponent(json[key])}`).join('&');
+                var url = params.get('redirect_uri') + '?' + query.toString();
                 redirect(url);
                 return;
             }
             show('missing_scopes');
+        });
     } else {
         console.log("handleResponse(…) ← ",response);
         if (response.status == 401){
             login();
             return;
         }
-        var json = await response.json();
+        response.json().then(json => {
             setText('error',"Error: <br/>"+json.error_description);
             show('error');
+        });
         if (json.error != "invalid_request_uri"){
             var url = params.get('redirect_uri') + '?' + new URLSearchParams(json).toString();
             console.log('redirecting to '+url);
@@ -70,7 +84,8 @@ function backendAutorization(){
         body: JSON.stringify(json),
         headers: {
             'Content-Type': 'application/json'
-        }
+        },
+        credentials:'include'
     }).then(handleResponse);
 }
 

de.srsoftware.oidc.web/src/main/resources/en/scripts/logout.js

@@ -2,4 +2,4 @@ function handleLogout(response){
     if (response.ok) document.body.innerHTML += 'success';
     redirect('index.html')
 }
-fetch(user_controller+"/logout").then(handleLogout)
+fetch(user_controller+"/logout",{credentials:'include'}).then(handleLogout)