updated account chooser app, made it more generic

mitreid-connect · Mar 14, 2013 · be801cc · be801cc
1 parent b963e74
commit be801cc
Show file tree

Hide file tree

Showing 5 changed files with 643 additions and 85 deletions.
diff --git a/index.html b/index.html
@@ -1,13 +1,10 @@
-
-
-
 <!DOCTYPE html>
 <html lang="en">
 <head>
 
 
     <meta charset="utf-8">
-    <title>OpenID Connect - welcome</title>
+    <title>OpenID Connect Account Chooser</title>
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <meta name="description" content="">
     <meta name="author" content="">
@@ -53,7 +50,7 @@
                 <span class="icon-bar"></span>
                 <span class="icon-bar"></span>
             </a>
-            <a class="brand" href="#">MITRE Partnership Network</a>
+            <a class="brand" href="#">OpenID Connect Account Chooser</a>
         </div>
     </div>
 </div>
@@ -81,21 +78,36 @@ <h2 class="well-small">Sign in</h2>
 ================================================== -->
 <!-- Placed at the end of the document so the pages load faster -->
 <script type="text/javascript" src="resources/js/jquery.min.js"></script>
+<script type="text/javascript" src="resources/js/jquery.cookie.js"></script>
+<script type="text/javascript" src="resources/js/jquery.query.js"></script>
+<script type="text/javascript" src="resources/js/purl.js"></script>
 <script type="text/javascript" src="resources/bootstrap2/js/bootstrap.min.js"></script>
 <script type="text/javascript" src="resources/js/underscore-min.js"></script>
 <script type="text/javascript" src="resources/js/app.js"></script>
 
 <script type="text/html" id="tmpl-button">
-    <div class="span3"><a class="btn btn-large btn-primary"><i class="icon-user icon-white"></i>
-        Sign in with <%=descriptor%></a>
+    <div class="span3">
+		<a class="btn btn-large btn-primary">
+			<% if (image) { %>
+			<div><img src="<%=image%>"></div>
+			<% } %>
+			<div>
+				<i class="icon-user icon-white"></i>
+    	    	Sign in with <%=descriptor%>
+			</div>
+		</a>
 
         <p class="well-small">(<a href="#">learn more</a>)</p></div>
 </script>
 
 <script type="text/html" id="tmpl-error-client">
     <div class="alert alert-error span12">
-        <strong>Well, this is awkward. </strong> The client id and/or redirect URI is not supported at this time.
+        <strong>Warning.</strong> The redirect URI given has not been registered with this Account Chooser, proceed carefully.
     </div>
+
+	<div>
+		Click to return to the your application: <a href="<%=redirectUrl%>"><%=redirectUrl%></a>
+	</div>
 </script>
 
 

diff --git a/resources/js/app.js b/resources/js/app.js
@@ -1,40 +1,3 @@
-/**
- *
- * Appending extra helpers to browser globals
- *
- */
-
-location.getURLParameter = function (name) {
-    return decodeURI(
-        (new RegExp(name + '=' + '(.+?)(&|$)').exec(location.search)||[,null])[1]
-    );
-};
-
-document.createCookie = function (name,value,days) {
-    if (days) {
-        var date = new Date();
-        date.setTime(date.getTime()+(days*24*60*60*1000));
-        var expires = "; expires="+date.toGMTString();
-    }
-    else var expires = "";
-    document.cookie = name+"="+value+expires+"; path=/";
-};
-
-document.readCookie = function(name) {
-    var nameEQ = name + "=";
-    var ca = document.cookie.split(';');
-    for(var i=0;i < ca.length;i++) {
-        var c = ca[i];
-        while (c.charAt(0)==' ') c = c.substring(1,c.length);
-        if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length);
-    }
-    return null;
-};
-
-document.eraseCookie = function(name) {
-    document.createCookie(name,"",-1);
-};
-
 /**
  *
  * Our global app functions are in the app namespace
@@ -44,20 +7,6 @@ var app = {};
 var OIDCclients = [];
 var OIDCproviders = [];
 
-app.validateClient = function (client_id, redirect_uri) {
-
-    for (var i in OIDCclients) {
-
-        var client = OIDCclients[i];
-        if (client.clientID == client_id) {
-            return ($.inArray(redirect_uri, client.redirectURIs) != -1);
-        }
-    }
-
-    return false;
-};
-
-
 /**
  *
  * Begin main
@@ -80,33 +29,41 @@ $(function () {
         OIDCproviders = data;
     });
 
+    jQuery.ajaxSetup({async:true});
+
     // get some URL parameters and persist them via cookies
-    var redirect_uri = decodeURIComponent(location.getURLParameter("redirect_uri"));
-    var client_id = location.getURLParameter("client_id");
-
-    if (redirect_uri != "null") document.createCookie("redirect_uri",redirect_uri,1);
-    if (client_id != "null") document.createCookie("client_id",client_id,1);
-
-    // before we render the page let's validate our client and redirect uri
-    if (app.validateClient(document.readCookie("client_id"),document.readCookie("redirect_uri"))) {
-
-        // build some buttons
-        var button_tmpl = _.template($('#tmpl-button').html());
-
-        $.each(OIDCproviders, function (key, button) {
-
-            // build a button and append it
-            var $buttonEl = $(button_tmpl(button)).appendTo('#button-container');
-
-            // bind a click event
-            $("a", $buttonEl).click(function () {
-                // Account Chooser Sends the End-User back to the Client
-                document.location.href = document.readCookie("redirect_uri") + '?issuer=' + encodeURI(button.issuer);
-            });
-
+    var redirect_uri = $.query.get('redirect_uri');
+
+    var last_issuer = $.cookie('last_issuer');
+
+    // build some buttons
+    var button_tmpl = _.template($('#tmpl-button').html());
+    var error_tmpl = _.template($('#tmpl-error-client').html());
+
+    $.each(OIDCproviders, function (key, button) {
+
+        // build a button and append it
+        var $buttonEl = $(button_tmpl(button)).appendTo('#button-container');
+
+        // bind a click event
+        $("a", $buttonEl).click(function () {
+
+        	$.cookie('last_issuer', button.issuer);
+
+            // Account Chooser Sends the End-User back to the Client
+            //document.location.href = document.readCookie("redirect_uri") + '?issuer=' + encodeURI(button.issuer);
+
+        	// TODO: make this safer for existing query parameters if they exist by using a parser of some type
+        	var redirect_to = redirect_uri + (redirect_uri.indexOf("?") !== -1 ? "&" : "?") + "iss=" + encodeURI(button.issuer);
+
+        	if ($.inArray(redirect_uri, OIDCclients) != -1) {
+        		window.location.href = redirect_to;
+        	} else {
+        		$("#content").html(error_tmpl({redirectUrl: redirect_to}));
+        	}
+
         });
-    } else {
-        $("#content").html($("#tmpl-error-client").html());
-    }
+
+    });
 
 });
diff --git a/resources/js/jquery.cookie.js b/resources/js/jquery.cookie.js
@@ -0,0 +1,94 @@
+/*!
+ * jQuery Cookie Plugin v1.3.1
+ * https://github.com/carhartl/jquery-cookie
+ *
+ * Copyright 2013 Klaus Hartl
+ * Released under the MIT license
+ */
+(function (factory) {
+	if (typeof define === 'function' && define.amd) {
+		// AMD. Register as anonymous module.
+		define(['jquery'], factory);
+	} else {
+		// Browser globals.
+		factory(jQuery);
+	}
+}(function ($) {
+
+	var pluses = /\+/g;
+
+	function raw(s) {
+		return s;
+	}
+
+	function decoded(s) {
+		return decodeURIComponent(s.replace(pluses, ' '));
+	}
+
+	function converted(s) {
+		if (s.indexOf('"') === 0) {
+			// This is a quoted cookie as according to RFC2068, unescape
+			s = s.slice(1, -1).replace(/\\"/g, '"').replace(/\\\\/g, '\\');
+		}
+		try {
+			return config.json ? JSON.parse(s) : s;
+		} catch(er) {}
+	}
+
+	var config = $.cookie = function (key, value, options) {
+
+		// write
+		if (value !== undefined) {
+			options = $.extend({}, config.defaults, options);
+
+			if (typeof options.expires === 'number') {
+				var days = options.expires, t = options.expires = new Date();
+				t.setDate(t.getDate() + days);
+			}
+
+			value = config.json ? JSON.stringify(value) : String(value);
+
+			return (document.cookie = [
+				config.raw ? key : encodeURIComponent(key),
+				'=',
+				config.raw ? value : encodeURIComponent(value),
+				options.expires ? '; expires=' + options.expires.toUTCString() : '', // use expires attribute, max-age is not supported by IE
+				options.path    ? '; path=' + options.path : '',
+				options.domain  ? '; domain=' + options.domain : '',
+				options.secure  ? '; secure' : ''
+			].join(''));
+		}
+
+		// read
+		var decode = config.raw ? raw : decoded;
+		var cookies = document.cookie.split('; ');
+		var result = key ? undefined : {};
+		for (var i = 0, l = cookies.length; i < l; i++) {
+			var parts = cookies[i].split('=');
+			var name = decode(parts.shift());
+			var cookie = decode(parts.join('='));
+
+			if (key && key === name) {
+				result = converted(cookie);
+				break;
+			}
+
+			if (!key) {
+				result[name] = converted(cookie);
+			}
+		}
+
+		return result;
+	};
+
+	config.defaults = {};
+
+	$.removeCookie = function (key, options) {
+		if ($.cookie(key) !== undefined) {
+			$.cookie(key, '', $.extend(options, { expires: -1 }));
+			return true;
+		}
+		return false;
+	};
+
+}));