Merge branch 'rkh-token-in-user'

2012-12-17 16:10:16 +01:00 · 2012-12-17 16:10:16 +01:00 · 0ac45a6582
commit 0ac45a6582
parent c44445d8e2 f5fdcc41c6
1 changed files with 11 additions and 11 deletions
--- a/lib/travis/api/app/endpoint/authorization.rb
+++ b/lib/travis/api/app/endpoint/authorization.rb
@ -92,7 +92,6 @@ class Travis::Api::App
        handshake do |user, token, redirect_uri|
          if target_ok? redirect_uri
            content_type :html
-            user = Travis::Api.data(user, version: :v2)
            data = { user: user, token: token, uri: redirect_uri }
            erb(:post_payload, locals: data)
          else
@ -131,10 +130,7 @@ class Travis::Api::App
      get '/post_message/iframe', scope: :public do
        handshake do |user, token, target_origin|
          halt 403, invalid_target(target_origin) unless target_ok? target_origin
-          rendered_user = Travis::Api.data(user, version: :v2)
-          travis_token  = user.tokens.first
-          post_message(token: token, user: rendered_user, target_origin: target_origin,
-                       travis_token: travis_token ? travis_token.token : nil)
+          post_message(token: token, user: user, target_origin: target_origin)
        end
      end

@ -144,6 +140,11 @@ class Travis::Api::App

      private

+        def serialize_user(user)
+          rendered = Travis::Api.data(user, version: :v2)
+          rendered['user'].merge('token' => user.tokens.first.try(:token).to_s)
+        end
+
        def oauth_endpoint
          proxy = Travis.config.oauth2.proxy
          proxy ? File.join(proxy, request.fullpath) : url
@ -167,7 +168,7 @@ class Travis::Api::App
            user                   = user_for_github_token(github_token)
            token                  = generate_token(user: user, app_id: 0)
            payload                = params[:state].split(":::", 2)[1]
-            yield user, token, payload
+            yield serialize_user(user), token, payload
          else
            values[:state]         = create_state
            endpoint.path          = config.authorize_path
@ -419,7 +420,6 @@ function uberParent(win) {
 function sendPayload(win) {
  var payload   = <%= user.to_json %>;
  payload.token = <%= token.inspect %>;
-  payload.travis_token = <%= travis_token ? travis_token.inspect : null %>;
  uberParent(win).postMessage(payload, <%= target_origin.inspect %>);
 }

@ -433,8 +433,8 @@ if(window.parent == window) {
 </script>

@@ post_payload
-<body onload='document.forms[0].submit()'>
-  <form action="<%= uri %>" method='post'>
+<body onload=''>
+  <form action="<%= document.forms[0].submit() %>" method='post'>
    <input type='hidden' name='token'   value='<%= token %>'>
    <input type='hidden' name='user'    value="<%= user.to_json.gsub('"', '&quot;') %>">
    <input type='hidden' name='storage' value='localStorage'>