working on javascript compatibility for old browsers

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
3 months ago · a519357a5d
5 changed files with 46 additions and 27 deletions
--- a/de.srsoftware.http/src/main/java/de/srsoftware/http/SessionToken.java
+++ b/de.srsoftware.http/src/main/java/de/srsoftware/http/SessionToken.java
@ -2,6 +2,7 @@
				@@ -2,6 +2,7 @@
 package de.srsoftware.http;


+import com.sun.net.httpserver.Headers;
 import com.sun.net.httpserver.HttpExchange;
 import java.util.Optional;

@ -14,6 +15,12 @@ public class SessionToken extends Cookie {
				@@ -14,6 +15,12 @@ public class SessionToken extends Cookie {
 		this.sessionId = sessionId;
 	}

+	@Override
+	public <T extends Cookie> T addTo(Headers headers) {
+		headers.add("session", sessionId);
+		return (T)this;//super.addTo(headers);
+	}
+
 	public static Optional<SessionToken> from(HttpExchange ex) {
 		return Cookie.of(ex)
 		    .stream()
--- a/de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
+++ b/de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
@ -71,8 +71,8 @@ public class Application {
				@@ -71,8 +71,8 @@ public class Application {
 		new Forward(INDEX).bindPath(ROOT).on(server);
 		new WellKnownController().bindPath(WELL_KNOWN).on(server);
 		new UserController(fileStore, fileStore, fileStore, staticPages).bindPath(API_USER).on(server);
-		var tokenControllerconfig = new TokenController.Configuration("https://lightoidc.srsoftware.de", 10);  // TODO configure or derive from hostname
-		new TokenController(fileStore, fileStore, keyManager, fileStore, tokenControllerconfig).bindPath(API_TOKEN).on(server);
+		var tokenControllerConfig = new TokenController.Configuration("https://lightoidc.srsoftware.de", 10);  // TODO configure or derive from hostname
+		new TokenController(fileStore, fileStore, keyManager, fileStore, tokenControllerConfig).bindPath(API_TOKEN).on(server);
 		new ClientController(fileStore, fileStore, fileStore).bindPath(API_CLIENT).on(server);
 		new KeyStoreController(keyStore).bindPath(JWKS).on(server);
 		new EmailController(fileStore, fileStore).bindPath(API_EMAIL).on(server);
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js
@ -58,4 +58,4 @@ function setValue(id,newVal){
				@@ -58,4 +58,4 @@ function setValue(id,newVal){
 function show(id){
    var elem = get(id);
    if (elem) elem.style.display = '';
-}
+}
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/login.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/login.js
@ -1,14 +1,19 @@
				@@ -1,14 +1,19 @@
-    function doRedirect(){
-        let params = new URL(document.location.toString()).searchParams;
-        redirect( params.get("return_to") || 'index.html');
-        return false;
+function doRedirect(){
+    let params = new URL(document.location.toString()).searchParams;
+    redirect( params.get("return_to") || 'index.html');
+    return false;
 }

-async function handleLogin(response){
-    if (response.ok){
-        var body = await response.json();
-        hide('error');
-        setTimeout(doRedirect,100);
+function handleLogin(response){
+    if (response.ok){ 
+        response.headers.forEach(function(val, key) {
+            // in newer browsers, the cookie is set from fetch response. In older browsers this does not seem to work
+            if (key == 'session') document.cookie = 'sessionToken='+val+"; path=/api"
+        });
+       response.json().then(body => {
+          hide('error');
+          setTimeout(doRedirect,100);
+       });
    } else {
        show('error');
    }
@ -48,4 +53,4 @@ function tryLogin(){
				@@ -48,4 +53,4 @@ function tryLogin(){
        })
    }).then(handleLogin);
    return false;
-}
+}
--- a/de.srsoftware.oidc.web/src/main/resources/en/scripts/user.js
+++ b/de.srsoftware.oidc.web/src/main/resources/en/scripts/user.js
@ -1,27 +1,34 @@
				@@ -1,27 +1,34 @@
 var user = null;
-async function handleUser(response){
+
+function handleUser(response){
    if (response.status == UNAUTHORIZED) {
        login();
        return;
    }
    if (response.ok){
-        user = await response.json();
-        fetch(web+"/navigation.html").then(handleNavigation);
+        response.json().then(u => {
+            user = u;
+            fetch(web+"/navigation.html",{credentials:'include'}).then(handleNavigation);
+        });
    }
 }

-async function handleNavigation(response){
+function handleNavigation(response){
    if (response.ok){
-        var content = await response.text();
-        var nav = document.getElementsByTagName('nav')[0];
-        nav.innerHTML = content;
-        var links = nav.getElementsByTagName('a');
-        for (var index = links.length; index > 0; index--){
-            var link = links[index-1];
-            var clazz = link.hasAttribute('class') ? link.getAttribute("class") : null;
-            if (clazz != null && !user.permissions.includes(clazz)) nav.removeChild(link);
-        }
+        response.text().then(content => {
+            var nav = document.getElementsByTagName('nav')[0];
+            nav.innerHTML = content;
+            var links = nav.getElementsByTagName('a');
+            for (var index = links.length; index > 0; index--){
+                var link = links[index-1];
+                var clazz = link.hasAttribute('class') ? link.getAttribute("class") : null;
+                if (clazz != null && !user.permissions.includes(clazz)) nav.removeChild(link);
+            }
+        });
    }
 }

-fetch(user_controller+"/",{method:'POST'}).then(handleUser);
+fetch(user_controller+"/",{
+    method:'POST',
+    credentials:'include'
+}).then(handleUser);