suzanne.soy/travis-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

implement auth timeout

Browse Source
This commit is contained in:
Konstantin Haase 2012-11-18 21:10:49 +01:00
parent 448501be3a
commit 31da89380a
1 changed files with 40 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
lib/travis/api/app/endpoint/authorization.rb
View File

@ -104,7 +104,7 @@ class Travis::Api::App
# Example usage: # Example usage:
# #
# window.addEventListener("message", function(event) { # window.addEventListener("message", function(event) {
# alert("received token: " + event.data.token); # console.log("received token: " + event.data.token);
# }); # });
# #
# var iframe = $('<iframe />').hide(); # var iframe = $('<iframe />').hide();
@ -256,7 +256,7 @@ __END__
@@ invalid_target @@ invalid_target
<script> <script>
alert('refusing to send a token to <%= target_origin.inspect %>, not whitelisted!'); console.log('refusing to send a token to <%= target_origin.inspect %>, not whitelisted!');
</script> </script>
@@ container @@ container
@ -264,9 +264,11 @@ alert('refusing to send a token to <%= target_origin.inspect %>, not whitelisted
<html> <html>
<body> <body>
<script> <script>
console.log('welcome to the wonderful world of authentication');
var url = window.location.pathname + '/iframe' + window.location.search; var url = window.location.pathname + '/iframe' + window.location.search;
var img = document.createElement('img'); var img = document.createElement('img');
var popUpWindow, timeout;
img.src = "https://third-party-cookies.herokuapp.com/set"; img.src = "https://third-party-cookies.herokuapp.com/set";
img.onload = function() { img.onload = function() {
@ -277,15 +279,38 @@ alert('refusing to send a token to <%= target_origin.inspect %>, not whitelisted
window.document.body.appendChild(img); window.document.body.appendChild(img);
function cookiesCheckCallback(thirdPartyCookiesEnabled) { function iframe() {
if(thirdPartyCookiesEnabled) {
console.log("third party cookies enabled, creating iframe");
var iframe = document.createElement('iframe'); var iframe = document.createElement('iframe');
iframe.src = url; iframe.src = url;
window.document.body.appendChild(iframe); window.document.body.appendChild(iframe);
}
function popUp() {
popUpWindow = window.open(url, 'Signing in...', 'height=400,width=800');
}
window.addEventListener("message", function(event) {
console.log('handshake succeeded, cleaning up');
if(event.data === "done") {
if(timeout) clearTimeout(timeout);
if(popUpWindow && !popUpWindow.closed) popUpWindow.close();
}
});
function cookiesCheckCallback(thirdPartyCookiesEnabled) {
if(thirdPartyCookiesEnabled) {
console.log("third party cookies enabled, creating iframe");
iframe();
timeout = setTimeout(function() {
console.log('handshake taking too long, creating pop-up');
popUp();
}, 5000);
} else { } else {
console.log("third party cookies disabled, creating pop-up"); console.log("third party cookies disabled, creating pop-up");
window.open(url, 'Signing in...', 'height=400,width=800'); if(!popUp()) {
console.log("pop-up failed, trying iframe anyhow");
iframe();
}
} }
} }
</script> </script>
@ -298,6 +323,13 @@ function uberParent(win) {
return win.parent === win ? win : uberParent(win.parent); return win.parent === win ? win : uberParent(win.parent);
} }
function tellEveryone(msg, win) {
if(win == undefined) win = window;
win.postMessage(msg, '*');
if(win.parent != win) tellEveryone(msg, win.parent);
if(win.opener) tellEveryone(msg, win.opener);
}
function sendPayload(win) { function sendPayload(win) {
var payload = <%= user.to_json %>; var payload = <%= user.to_json %>;
payload.token = <%= token.inspect %>; payload.token = <%= token.inspect %>;
@ -309,6 +341,7 @@ if(window.parent == window) {
sendPayload(window.opener); sendPayload(window.opener);
window.close(); window.close();
} else { } else {
tellEveryone('done');
sendPayload(window.parent); sendPayload(window.parent);
} }
</script> </script>