feat(code): #13: remove authorizationCodeOnly feature
Michael Oberwasserlechner committed Feb 8, 2019
1 parent 6060296 commit 27f8e84
Showing 6 changed files with 31 additions and 35 deletions.
3 changes: 0 additions & 3 deletions README.md
Expand Up @@ -34,9 +34,6 @@ For security reasons this plugin does not support the authorization code flow wi
That would include storing your **client secret** in client code which is highly insecure and not recommended.
That flow should only be used on the backend (server).

But it is possible to use this plugin as part of that server side implementation
by using `authorizationCodeOnly=true` and `responseType="code"`, so you get the authorization code for the server side steps.

## Installation

`npm i -E @byteowls/capacitor-oauth2`
Expand Up @@ -40,7 +40,7 @@ public class OAuth2ClientPlugin extends Plugin {
private static final String PARAM_RESOURCE_URL = "resourceUrl";
private static final String RESPONSE_TYPE_CODE = "code";
private static final String RESPONSE_TYPE_TOKEN = "token";
private static final String PARAM_AUTHORIZATION_CODE_ONLY = "authorizationCodeOnly";
// private static final String PARAM_AUTHORIZATION_CODE_ONLY = "authorizationCodeOnly";

private OAuth2Options oauth2Options;
private AuthorizationService authService;
Expand Down Expand Up @@ -193,13 +193,13 @@ protected OAuth2Options buildOptions(PluginCall call) {
if (o.getState() == null || o.getState().trim().length() == 0) {
o.setState(ConfigUtils.getRandomString(20));
}
o.setAuthorizationCodeOnly(ConfigUtils.getCallParam(Boolean.class, call, OAuth2ClientPlugin.PARAM_AUTHORIZATION_CODE_ONLY, false));
if (o.isAuthorizationCodeOnly()) {
if (!RESPONSE_TYPE_CODE.equals(o.getResponseType())) {
Log.w(getLogTag(), "'" + PARAM_AUTHORIZATION_CODE_ONLY + "' is 'true' so '" + PARAM_RESPONSE_TYPE + "' must be 'code'! We fix that for you.");
}
o.setResponseType(RESPONSE_TYPE_CODE);
}
// o.setAuthorizationCodeOnly(ConfigUtils.getCallParam(Boolean.class, call, OAuth2ClientPlugin.PARAM_AUTHORIZATION_CODE_ONLY, false));
// if (o.isAuthorizationCodeOnly()) {
// if (!RESPONSE_TYPE_CODE.equals(o.getResponseType())) {
// Log.w(getLogTag(), "'" + PARAM_AUTHORIZATION_CODE_ONLY + "' is 'true' so '" + PARAM_RESPONSE_TYPE + "' must be 'code'! We fix that for you.");
// }
// o.setResponseType(RESPONSE_TYPE_CODE);
// }

if (o.getResponseType() == null || o.getResponseType().length() == 0) {
// fallback to token
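Review bot: A caller that still passes `authorizationCodeOnly: true` is now ignored without any signal in buildOptions: the block that forced `responseType` to `code` is commented out, so a call that relied on it and sets no `responseType` continues to the `// fallback to token` branch just below, which appears to select the token response type instead. That changes where credentials end up (a token delivered to the client rather than a code handed to a server), so the removed option should at least be reported, for example `if (ConfigUtils.getCallParam(Boolean.class, call, "authorizationCodeOnly", false)) { Log.w(getLogTag(), "'authorizationCodeOnly' is no longer supported and is ignored."); }`. buildOptions starts before and continues past the hunk, so the fallback assignment itself is not visible here.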
Expand Up @@ -12,7 +12,7 @@ public class OAuth2Options {
private String responseType;
private String scope;
private String state;
private boolean authorizationCodeOnly;
// private boolean authorizationCodeOnly;
private String redirectUrl;
private String customHandlerClass;

Expand Down Expand Up @@ -72,13 +72,13 @@ public void setState(String state) {
this.state = state;
}

public boolean isAuthorizationCodeOnly() {
return authorizationCodeOnly;
}

public void setAuthorizationCodeOnly(boolean authorizationCodeOnly) {
this.authorizationCodeOnly = authorizationCodeOnly;
}
// public boolean isAuthorizationCodeOnly() {
// return authorizationCodeOnly;
// }
//
// public void setAuthorizationCodeOnly(boolean authorizationCodeOnly) {
// this.authorizationCodeOnly = authorizationCodeOnly;
// }

public String getRedirectUrl() {
return redirectUrl;
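Review bot: The `authorizationCodeOnly` field and its accessors are commented out rather than deleted, which leaves dead text in the class that no compiler checks and that will drift from the code around it. Delete the lines and let the commit history carry the old implementation; if the feature is expected to return, point to the tracking issue in a single comment such as `// authorizationCodeOnly removed, see #13`. The same applies to the commented-out constant and block in the Android OAuth2ClientPlugin section, the constant in the Swift plugin, the interface member in src/definitions.ts and the branch in src/web.ts.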
Expand Up @@ -19,7 +19,7 @@ public class OAuth2ClientPlugin: CAPPlugin {
let PARAM_RESOURCE_URL = "resourceUrl"
let RESPONSE_TYPE_CODE = "code"
let RESPONSE_TYPE_TOKEN = "token"
let PARAM_AUTHORIZATION_CODE_ONLY = "authorizationCodeOnly"
// let PARAM_AUTHORIZATION_CODE_ONLY = "authorizationCodeOnly"

var oauthSwift: OAuth2Swift?
var handlerClasses = [String: OAuth2CustomHandler.Type]()
12 changes: 6 additions & 6 deletions src/definitions.ts
Expand Up @@ -56,12 +56,12 @@ export interface OAuth2AuthenticateOptions {
*/
state?: string;

/**
* Force the lib to only return the authorization code in the result.
* If true we use the code flow and the requestType is always "code".
* This becomes handy if you want to use it as part of a server side authorization code flow.
*/
authorizationCodeOnly?: boolean;
// /**
// * Force the lib to only return the authorization code in the result.
// * If true we use the code flow and the requestType is always "code".
// * This becomes handy if you want to use it as part of a server side authorization code flow.
// */
// authorizationCodeOnly?: boolean;
/**
* Custom options for the platform "web"
*/
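--- a/src/web.ts
+++ b/src/web.ts
@@ -81,15 +81,14 @@ export class OAuth2ClientPluginWeb extends WebPlugin implements OAuth2ClientPlug
 // code flow
 let authorizationCode = urlParamObj.code;
 if (authorizationCode) {
-if (options.authorizationCodeOnly) {
-let resp = {
-authorization_code: authorizationCode,
-};
-resolve(resp);
-} else {
-// TODO PKCE
-
-}
+// if (options.authorizationCodeOnly) {
+// let resp = {
+// authorization_code: authorizationCode,
+// };
+// resolve(resp);
+// } else {
+// // TODO PKCE
+// }
 } else {
 reject(new Error("No authorization code found!"));
 }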
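Review bot: With the body of `if (authorizationCode)` reduced to comments, a redirect that carries a `code` parameter now reaches neither `resolve` nor `reject`, so the caller's promise presumably never settles and the authorization code is dropped without any error. Reject explicitly until the code flow is implemented, e.g. `reject(new Error("Authorization code flow is not supported!"));` inside that branch. When the flow is added, the `TODO PKCE` from the commented block should be carried over, since a code exchanged from client code needs PKCE rather than a client secret. The enclosing function begins and ends outside the hunk, so whether anything else settles the promise cannot be seen here.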
