Gitiles
Code Review Sign In
gerrit.nordix.org / onap / sdc / f5f13c4f6b6fe3b4d98e349dfd7db59339803436 / . / openecomp-be / tools / swagger-ui / lib / swagger-oauth.js
blob: bec846740a5f384e12ecec4fa4ca5ba64855e260 [file] [log] [blame]
Michael Landof5f13c42017-02-19 12:35:04 +0200[diff] [blame^]1/*-
2 * ============LICENSE_START=======================================================
3 * SDC
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ============LICENSE_END=========================================================
19 */
20
21var appName;
22var popupMask;
23var popupDialog;
24var clientId;
25var realm;
26var oauth2KeyName;
27var redirect_uri;
28var clientSecret;
29var scopeSeparator;
30
31function handleLogin() {
32 var scopes = [];
33
34 var auths = window.swaggerUi.api.authSchemes || window.swaggerUi.api.securityDefinitions;
35 if(auths) {
36 var key;
37 var defs = auths;
38 for(key in defs) {
39 var auth = defs[key];
40 if(auth.type === 'oauth2' && auth.scopes) {
41 oauth2KeyName = key;
42 var scope;
43 if(Array.isArray(auth.scopes)) {
44 // 1.2 support
45 var i;
46 for(i = 0; i < auth.scopes.length; i++) {
47 scopes.push(auth.scopes[i]);
48 }
49 }
50 else {
51 // 2.0 support
52 for(scope in auth.scopes) {
53 scopes.push({scope: scope, description: auth.scopes[scope]});
54 }
55 }
56 }
57 }
58 }
59
60 if(window.swaggerUi.api
61 && window.swaggerUi.api.info) {
62 appName = window.swaggerUi.api.info.title;
63 }
64
65 $('.api-popup-dialog').remove();
66 popupDialog = $(
67 [
68 '<div class="api-popup-dialog">',
69 '<div class="api-popup-title">Select OAuth2.0 Scopes</div>',
70 '<div class="api-popup-content">',
71 '<p>Scopes are used to grant an application different levels of access to data on behalf of the end user. Each API may declare one or more scopes.',
72 '<a href="#">Learn how to use</a>',
73 '</p>',
74 '<p><strong>' + appName + '</strong> API requires the following scopes. Select which ones you want to grant to Swagger UI.</p>',
75 '<ul class="api-popup-scopes">',
76 '</ul>',
77 '<p class="error-msg"></p>',
78 '<div class="api-popup-actions"><button class="api-popup-authbtn api-button green" type="button">Authorize</button><button class="api-popup-cancel api-button gray" type="button">Cancel</button></div>',
79 '</div>',
80 '</div>'].join(''));
81 $(document.body).append(popupDialog);
82
83 popup = popupDialog.find('ul.api-popup-scopes').empty();
84 for (i = 0; i < scopes.length; i ++) {
85 scope = scopes[i];
86 str = '<li><input type="checkbox" id="scope_' + i + '" scope="' + scope.scope + '"/>' + '<label for="scope_' + i + '">' + scope.scope;
87 if (scope.description) {
88 str += '<br/><span class="api-scope-desc">' + scope.description + '</span>';
89 }
90 str += '</label></li>';
91 popup.append(str);
92 }
93
94 var $win = $(window),
95 dw = $win.width(),
96 dh = $win.height(),
97 st = $win.scrollTop(),
98 dlgWd = popupDialog.outerWidth(),
99 dlgHt = popupDialog.outerHeight(),
100 top = (dh -dlgHt)/2 + st,
101 left = (dw - dlgWd)/2;
102
103 popupDialog.css({
104 top: (top < 0? 0 : top) + 'px',
105 left: (left < 0? 0 : left) + 'px'
106 });
107
108 popupDialog.find('button.api-popup-cancel').click(function() {
109 popupMask.hide();
110 popupDialog.hide();
111 popupDialog.empty();
112 popupDialog = [];
113 });
114
115 $('button.api-popup-authbtn').unbind();
116 popupDialog.find('button.api-popup-authbtn').click(function() {
117 popupMask.hide();
118 popupDialog.hide();
119
120 var authSchemes = window.swaggerUi.api.authSchemes;
121 var host = window.location;
122 var pathname = location.pathname.substring(0, location.pathname.lastIndexOf("/"));
123 var defaultRedirectUrl = host.protocol + '//' + host.host + pathname + '/o2c.html';
124 var redirectUrl = window.oAuthRedirectUrl || defaultRedirectUrl;
125 var url = null;
126
127 for (var key in authSchemes) {
128 if (authSchemes.hasOwnProperty(key)) {
129 var flow = authSchemes[key].flow;
130
131 if(authSchemes[key].type === 'oauth2' && flow && (flow === 'implicit' || flow === 'accessCode')) {
132 var dets = authSchemes[key];
133 url = dets.authorizationUrl + '?response_type=' + (flow === 'implicit' ? 'token' : 'code');
134 window.swaggerUi.tokenName = dets.tokenName || 'access_token';
135 window.swaggerUi.tokenUrl = (flow === 'accessCode' ? dets.tokenUrl : null);
136 }
137 else if(authSchemes[key].grantTypes) {
138 // 1.2 support
139 var o = authSchemes[key].grantTypes;
140 for(var t in o) {
141 if(o.hasOwnProperty(t) && t === 'implicit') {
142 var dets = o[t];
143 var ep = dets.loginEndpoint.url;
144 url = dets.loginEndpoint.url + '?response_type=token';
145 window.swaggerUi.tokenName = dets.tokenName;
146 }
147 else if (o.hasOwnProperty(t) && t === 'accessCode') {
148 var dets = o[t];
149 var ep = dets.tokenRequestEndpoint.url;
150 url = dets.tokenRequestEndpoint.url + '?response_type=code';
151 window.swaggerUi.tokenName = dets.tokenName;
152 }
153 }
154 }
155 }
156 }
157 var scopes = []
158 var o = $('.api-popup-scopes').find('input:checked');
159
160 for(k =0; k < o.length; k++) {
161 var scope = $(o[k]).attr('scope');
162
163 if (scopes.indexOf(scope) === -1)
164 scopes.push(scope);
165 }
166
167 // Implicit auth recommends a state parameter.
168 var state = Math.random ();
169
170 window.enabledScopes=scopes;
171
172 redirect_uri = redirectUrl;
173
174 url += '&redirect_uri=' + encodeURIComponent(redirectUrl);
175 url += '&realm=' + encodeURIComponent(realm);
176 url += '&client_id=' + encodeURIComponent(clientId);
177 url += '&scope=' + encodeURIComponent(scopes.join(scopeSeparator));
178 url += '&state=' + encodeURIComponent(state);
179
180 window.open(url);
181 });
182
183 popupMask.show();
184 popupDialog.show();
185 return;
186}
187
188
189function handleLogout() {
190 for(key in window.swaggerUi.api.clientAuthorizations.authz){
191 window.swaggerUi.api.clientAuthorizations.remove(key)
192 }
193 window.enabledScopes = null;
194 $('.api-ic.ic-on').addClass('ic-off');
195 $('.api-ic.ic-on').removeClass('ic-on');
196
197 // set the info box
198 $('.api-ic.ic-warning').addClass('ic-error');
199 $('.api-ic.ic-warning').removeClass('ic-warning');
200}
201
202function initOAuth(opts) {
203 var o = (opts||{});
204 var errors = [];
205
206 appName = (o.appName||errors.push('missing appName'));
207 popupMask = (o.popupMask||$('#api-common-mask'));
208 popupDialog = (o.popupDialog||$('.api-popup-dialog'));
209 clientId = (o.clientId||errors.push('missing client id'));
210 clientSecret = (o.clientSecret||errors.push('missing client secret'));
211 realm = (o.realm||errors.push('missing realm'));
212 scopeSeparator = (o.scopeSeparator||' ');
213
214 if(errors.length > 0){
215 log('auth unable initialize oauth: ' + errors);
216 return;
217 }
218
219 $('pre code').each(function(i, e) {hljs.highlightBlock(e)});
220 $('.api-ic').unbind();
221 $('.api-ic').click(function(s) {
222 if($(s.target).hasClass('ic-off'))
223 handleLogin();
224 else {
225 handleLogout();
226 }
227 false;
228 });
229}
230
231window.processOAuthCode = function processOAuthCode(data) {
232 var params = {
233 'client_id': clientId,
234 'client_secret': clientSecret,
235 'code': data.code,
236 'grant_type': 'authorization_code',
237 'redirect_uri': redirect_uri
238 }
239 $.ajax(
240 {
241 url : window.swaggerUi.tokenUrl,
242 type: "POST",
243 data: params,
244 success:function(data, textStatus, jqXHR)
245 {
246 onOAuthComplete(data);
247 },
248 error: function(jqXHR, textStatus, errorThrown)
249 {
250 onOAuthComplete("");
251 }
252 });
253}
254
255window.onOAuthComplete = function onOAuthComplete(token) {
256 if(token) {
257 if(token.error) {
258 var checkbox = $('input[type=checkbox],.secured')
259 checkbox.each(function(pos){
260 checkbox[pos].checked = false;
261 });
262 alert(token.error);
263 }
264 else {
265 var b = token[window.swaggerUi.tokenName];
266 if(b){
267 // if all roles are satisfied
268 var o = null;
269 $.each($('.auth .api-ic .api_information_panel'), function(k, v) {
270 var children = v;
271 if(children && children.childNodes) {
272 var requiredScopes = [];
273 $.each((children.childNodes), function (k1, v1){
274 var inner = v1.innerHTML;
275 if(inner)
276 requiredScopes.push(inner);
277 });
278 var diff = [];
279 for(var i=0; i < requiredScopes.length; i++) {
280 var s = requiredScopes[i];
281 if(window.enabledScopes && window.enabledScopes.indexOf(s) == -1) {
282 diff.push(s);
283 }
284 }
285 if(diff.length > 0){
286 o = v.parentNode.parentNode;
287 $(o.parentNode).find('.api-ic.ic-on').addClass('ic-off');
288 $(o.parentNode).find('.api-ic.ic-on').removeClass('ic-on');
289
290 // sorry, not all scopes are satisfied
291 $(o).find('.api-ic').addClass('ic-warning');
292 $(o).find('.api-ic').removeClass('ic-error');
293 }
294 else {
295 o = v.parentNode.parentNode;
296 $(o.parentNode).find('.api-ic.ic-off').addClass('ic-on');
297 $(o.parentNode).find('.api-ic.ic-off').removeClass('ic-off');
298
299 // all scopes are satisfied
300 $(o).find('.api-ic').addClass('ic-info');
301 $(o).find('.api-ic').removeClass('ic-warning');
302 $(o).find('.api-ic').removeClass('ic-error');
303 }
304 }
305 });
306 window.swaggerUi.api.clientAuthorizations.add(oauth2KeyName, new SwaggerClient.ApiKeyAuthorization('Authorization', 'Bearer ' + b, 'header'));
307 }
308 }
309 }
310}