improving path handling, working on authorization flow

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
2024-07-21 00:46:23 +02:00
parent 9ee963924d
commit 993c59bfa6
14 changed files with 278 additions and 100 deletions
--- a/de.srsoftware.oidc.web/src/main/resources/en/authorization.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/authorization.html
@@ -0,0 +1,13 @@
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>Light OIDC</title>
+    <script src="config.js"></script>
+    <script src="user.js"></script>
+    <script src="authorization.js"></script>
+</head>
+<body>
+<h1>Authorization!</h1>
+Not implemented, yet!
+</body>
+</html>
--- a/de.srsoftware.oidc.web/src/main/resources/en/authorization.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/authorization.js
@@ -0,0 +1,11 @@
+var params = new URLSearchParams(window.location.search)
+var json = Object.fromEntries(params);
+
+fetch(api+"/authorize",{
+    method: 'POST',
+    body: JSON.stringify(json),
+    headers: {
+        'Content-Type': 'application/json'
+    }
+})
+
--- a/de.srsoftware.oidc.web/src/main/resources/en/favicon.ico
+++ b/de.srsoftware.oidc.web/src/main/resources/en/favicon.ico
--- a/de.srsoftware.oidc.web/src/main/resources/en/index.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/index.html
@@ -1,10 +1,24 @@
 <html>
    <head>
+        <meta charset="utf-8">
        <title>Light OIDC</title>
        <script src="config.js"></script>
-        <script src="index.js"></script>
+        <script src="user.js"></script>
    </head>
    <body>
        <h1>Welcome!</h1>
+        <h2>Connected sites</h2>
+        These are sites that are connected with your account:
+        <table>
+            <tr>
+                <th>Site</th>
+                <th>Actions</th>
+            </tr>
+            <tr>
+                <td>
+                    <button onclick="window.location.href='newclient.html';">Add new site…</button>
+                </td>
+            </tr>
+        </table>
    </body>
 </html>
--- a/de.srsoftware.oidc.web/src/main/resources/en/index.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/index.js
@@ -1,7 +0,0 @@
-const UNAUTHORIZED = 401;
-
-function handleUser(response){
-    console.log(response);
-}
-
-fetch(api+"/user").then(handleUser);
--- a/de.srsoftware.oidc.web/src/main/resources/en/login.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/login.html
@@ -1,25 +1,24 @@
 <html>
    <head>
+        <meta charset="utf-8">
        <title>Light OIDC</title>
        <script src="config.js"></script>
-        <script src="index.js"></script>
+        <script src="login.js"></script>
    </head>
    <body>
        <h1>Login</h1>
-        <form id="login">
-            <fieldset>
-                <legend>User credentials</legend>
+        <fieldset id="login">
+            <legend>User credentials</legend>
            <label>
                Username
-                <input type="text" name="username" />
+                <input type="text" id="username" />
            </label>
            <label>
                Password
-                <input type="password" name="password" />
+                <input type="password" id="password" />
            </label>
            <button type="button" onClick="tryLogin()">Login</button>
-            </fieldset>
-        </form>
+        </fieldset>
        <div id="error"></div>
    </body>
 </html>
--- a/de.srsoftware.oidc.web/src/main/resources/en/login.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/login.js
@@ -0,0 +1,33 @@
+async function handleLogin(response){
+    if (response.ok){
+        var body = await response.json();
+
+        setTimeout(doRedirect,100);
+    }
+    return false;
+}
+
+function doRedirect(){
+        let params = new URL(document.location.toString()).searchParams;
+        let redirect = params.get("return_to") || 'index.html';
+        window.location.href = redirect,true;
+        return false;
+}
+
+function tryLogin(){
+    document.getElementById("error").innerHTML = "";
+    var username = document.getElementById('username').value;
+    var password = document.getElementById('password').value;
+    fetch(api+"/login",{
+        method: 'POST',
+        headers: {
+          Accept: 'application/json',
+          'Content-Type': 'application/json'
+        },
+        body: JSON.stringify({
+            username : username,
+            password : password
+        })
+    }).then(handleLogin);
+    return false;
+}
--- a/de.srsoftware.oidc.web/src/main/resources/en/newclient.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/newclient.html
@@ -0,0 +1,28 @@
+<html>
+<head>
+    <meta charset="utf-8">
+    <title>Light OIDC</title>
+    <script src="config.js"></script>
+    <script src="user.js"></script>
+</head>
+<body>
+<h1>Add new client</h1>
+<fieldset>
+    <legend>Settings</legend>
+    <table>
+        <tr>
+            <th>client name</th>
+            <td><input type="text" size="50" id="client-name"></td>
+        </tr>
+        <tr>
+            <th>client secret</th>
+            <td><input type="text" size="50" id="client-secret"></td>
+        </tr>
+        <tr>
+            <th>redirect urls</th>
+            <td><textarea cols="50" rows="5" id="redirect-urls"></textarea></td>
+        </tr>
+    </table>
+</fieldset>
+</body>
+</html>
--- a/de.srsoftware.oidc.web/src/main/resources/en/user.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/user.js
@@ -0,0 +1,12 @@
+const UNAUTHORIZED = 401;
+
+async function handleUser(response){
+    if (response.status == UNAUTHORIZED) {
+        window.location.href = 'login.html?return_to='+encodeURI(window.location.href);
+        return;
+    }
+    var user = await response.json();
+    // TODO: load navigation
+}
+
+fetch(api+"/user",{method:'POST'}).then(handleUser);