first stab at a popup flow

2012-11-17 17:55:21 +01:00 · 2012-11-17 17:55:21 +01:00 · 2b3579e6dd
commit 2b3579e6dd
parent eabc178dec
1 changed files with 33 additions and 13 deletions
--- a/lib/travis/api/app/endpoint/authorization.rb
+++ b/lib/travis/api/app/endpoint/authorization.rb
@ -116,6 +116,12 @@ class Travis::Api::App
      # recommended to redirect to [/auth/handshake](#/auth/handshake) if no
      # token is being received.
      get '/post_message', scope: :public do
+        content_type :html
+        response.set_cookie('cookie_check', '1')
+        erb :container
+      end
+
+      get '/post_message/iframe', scope: :public do
        handshake do |user, token, target_origin|
          halt 403, invalid_target(target_origin) unless target_ok? target_origin
          rendered_user = Travis::Api.data(user, version: :v2)
@ -254,20 +260,34 @@ __END__
 alert('refusing to send a token to <%= target_origin.inspect %>, not whitelisted!');
 </script>

-@@ post_message
+@@ container
 <script>
-var receiver = window.parent === window ? window.opener : window.parent;
-var payload = <%= user.to_json %>;
-payload.token = <%= token.inspect %>;
-payload.travis_token = <%= travis_token ? travis_token.inspect : null %>;
-if(window.parent === window) {
-  if(window.opener) {
-    window.opener.postMessage(payload, <%= target_origin.inspect %>);
-    window.close();
-  } else {
-    document.write('needs to be loaded in an iframe or pop-up');
-  }
+var url = window.location.pathname + '/iframe' + window.location.search;
+alert(document.cookie);
+if(document.cookie.indexOf('cookie_check') < 0) {
+  window.open(url, 'Signing in...', 'height=400,width=800');
 } else {
-  window.parent.postMessage(payload, <%= target_origin.inspect %>);
+  document.write('<iframe src="'+url+'" />');
+}
+</script>
+
+@@ post_message
+<script>
+function uberParent(win) {
+  return win.parent === win ? win : uberParent(win.parent);
+}
+
+function sendPayload(win) {
+  var payload          = <%= user.to_json %>;
+  payload.token        = <%= token.inspect %>;
+  payload.travis_token = <%= travis_token ? travis_token.inspect : null %>;
+  uberParent(win).postMessage(payload, <%= target_origin.inspect %>);
+}
+
+if(window.parent == window) {
+  sendPayload(window.opener);
+  window.close();
+} else {
+  sendPayload(window.parent);
 }
 </script>