Issue with State Parameter in node-red-contrib-oauth2 #78
Update oauth2.html and oauth2.js

- Added a new input field for "state" in oauth2.html
- Updated the logic in oauth2.js to handle the "state" parameter in the OAuth2 request.
caputomarcos committed Nov 20, 2023
1 parent 4f0093f commit bb7e0c1
Showing 2 changed files with 21 additions and 16 deletions.
20 changes: 14 additions & 6 deletions src/oauth2.html
Expand Up @@ -62,6 +62,11 @@
<label for="node-input-resource"><i class="fa fa-code fa-fw"></i> <span data-i18n="oauth2.label.resource"></span></label>
<input type="text" id="node-input-resource" data-i18n="[placeholder]oauth2.placeholder.resource" style="width:70%;" />
</div>
<!-- node-state -->
<div class="form-row" id="node-state">
<label for="node-input-state"><i class="fa fa-code fa-fw"></i> <span data-i18n="oauth2.label.state"></span></label>
<input type="text" id="node-input-state" data-i18n="[placeholder]oauth2.placeholder.state" style="width:70%;" />
</div>
<!-- node-open_authentication -->
<div class="form-row" id="node-open_authentication">
<label for="node-input-open_authentication"><i class="fa fa-sign-in fa-fw"></i> <span data-i18n="oauth2.label.open_authentication"></span></label>
Expand Down Expand Up @@ -158,6 +163,7 @@
client_secret: { value: '' },
scope: { value: '' },
resource: { value: ''},
state: { value: '' },
proxy: {
type: 'http proxy',
required: false,
Expand Down Expand Up @@ -219,6 +225,7 @@
$('#node-client_secret').hide();
$('#node-scope').hide();
$('#node-resource').hide();
$('#node-state').hide();
$('#node-rejectUnauthorized').show();
$('#node-client_credentials_in_body').show();
} else if ($('#node-input-grant_type').val() === 'client_credentials') {
Expand All @@ -231,6 +238,7 @@
$('#node-client_secret').show();
$('#node-scope').show();
$('#node-resource').show();
$('#node-state').show();
$('#node-rejectUnauthorized').show();
$('#node-client_credentials_in_body').show();
} else if ($('#node-input-grant_type').val() === 'password') {
Expand All @@ -243,6 +251,7 @@
$('#node-client_secret').show();
$('#node-scope').show();
$('#node-resource').show();
$('#node-state').show();
$('#node-rejectUnauthorized').show();
$('#node-client_credentials_in_body').show();
} else if ($('#node-input-grant_type').val() === 'authorization_code') {
Expand All @@ -255,6 +264,7 @@
$('#node-client_secret').show();
$('#node-scope').show();
$('#node-resource').show();
$('#node-state').show();
$('#node-rejectUnauthorized').show();
$('#node-client_credentials_in_body').show();
}
Expand All @@ -279,23 +289,21 @@
const proxy = $('#node-input-proxy').val();
var scope = $('#node-input-scope').val();
scope = scope.replace(/\n/g, '%20');

var resource = $('#node-input-resource').val();
resource = resource.replace(/\n/g, '%20');

var state = $('#node-input-state').val();
state = state.replace(/\n/g, '%20');
var url;
if (authorizationEndpoint) {
url = `oauth2/auth?id=${encodeURIComponent(id)}&clientId=${encodeURIComponent(clientId)}&clientSecret=${encodeURIComponent(clientSecret)}&scope=${encodeURIComponent(scope)}&resource=${encodeURIComponent(resource)}&callback=${encodeURIComponent(
url = `oauth2/auth?id=${encodeURIComponent(id)}&clientId=${encodeURIComponent(clientId)}&clientSecret=${encodeURIComponent(clientSecret)}&scope=${encodeURIComponent(scope)}&state=${encodeURIComponent(state)}&resource=${encodeURIComponent(resource)}&callback=${encodeURIComponent(
callback
)}&authorizationEndpoint=${encodeURIComponent(authorizationEndpoint)}&redirectUri=${encodeURIComponent(redirectUri)}&proxy=${encodeURIComponent(proxy)}`;
} else {
url = `oauth2/auth?id=${encodeURIComponent(id)}&clientId=${encodeURIComponent(clientId)}&clientSecret=${encodeURIComponent(clientSecret)}&scope=${encodeURIComponent(scope)}&resource=${encodeURIComponent(resource)}&callback=${encodeURIComponent(
url = `oauth2/auth?id=${encodeURIComponent(id)}&clientId=${encodeURIComponent(clientId)}&clientSecret=${encodeURIComponent(clientSecret)}&scope=${encodeURIComponent(scope)}&state=${encodeURIComponent(state)}&resource=${encodeURIComponent(resource)}&callback=${encodeURIComponent(
callback
)}&proxy=${encodeURIComponent(proxy)}`;
}
console.log(url);
$(this).attr('href', url);

window.configNodeIntervalId = window.setTimeout(pollCredentials, 5000);
});
$('#authorizeButton').click(function () {
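Review bot: The `state` put into the authorize URL is the fixed string typed into the new `node-input-state` field, so every authorization from this node carries the same operator-known value and it cannot act as the CSRF token described in RFC 6749 section 10.12. It should be an unguessable value generated per click and compared when the provider redirects back; the callback handling is not in these hunks, so whether that comparison exists cannot be confirmed from here. In the click handler (which starts above the hunk) I would replace the field read with `const state = Array.from(crypto.getRandomValues(new Uint8Array(16)), (b) => b.toString(16).padStart(2, '0')).join('');` and have the server side remember it for the check. Separately, `state.replace(/\n/g, '%20')` followed by `encodeURIComponent(state)` turns a newline into `%2520`, and the `#node-state` row is also shown for the `client_credentials` and `password` grants, which make no authorization request.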
17 changes: 7 additions & 10 deletions src/oauth2.js
Expand Up @@ -57,6 +57,7 @@ module.exports = function (RED) {
this.client_secret = oauth2Node.client_secret || '';
this.scope = oauth2Node.scope || '';
this.resource = oauth2Node.resource || '';
this.state = oauth2Node.state || '';
this.rejectUnauthorized = oauth2Node.rejectUnauthorized || false;
this.client_credentials_in_body = oauth2Node.client_credentials_in_body || false;
this.headers = oauth2Node.headers || {};
Expand Down Expand Up @@ -98,9 +99,8 @@ module.exports = function (RED) {
this.on('input', async function (msg, Send, Done) {
let options = generateOptions(node, msg);
configureProxy(node);

delete msg.oauth2Request;
options.form = Object.fromEntries(Object.entries(options.form).filter(([, value]) => value !== undefined && value !== ''));
options.form = Object.fromEntries(Object.entries(options.form).filter(([, value]) => value !== undefined && value !== ''));

const setStatus = (node, status, text) => {
node.status({
Expand All @@ -125,7 +125,7 @@ module.exports = function (RED) {

msg[node.container] = response || {};
const errorStatus = response && response.status ? response.status : code;
const errorMessage = response && response.statusText ? response.statusText : message;
const errorMessage = response && response.statusText ? response.statusText : message;
const statusText = `HTTP ${errorStatus}, ${errorMessage}`;

setStatus(node, 'red', statusText);
Expand Down Expand Up @@ -154,6 +154,7 @@ module.exports = function (RED) {
baseOptions.form.grant_type = msg.oauth2Request.credentials.grant_type;
baseOptions.form.scope = msg.oauth2Request.credentials.scope;
baseOptions.form.resource = msg.oauth2Request.credentials.resource;
baseOptions.form.state = msg.oauth2Request.credentials.state;

// Additional configurations based on grant type
if (msg.oauth2Request.credentials.grant_type === 'password') {
Expand All @@ -166,16 +167,15 @@ module.exports = function (RED) {
if (node.client_credentials_in_body) {
baseOptions.form.client_id = msg.oauth2Request.credentials.client_id;
baseOptions.form.client_secret = msg.oauth2Request.credentials.client_secret;
baseOptions.headers = Object.fromEntries(
Object.entries(baseOptions.headers).filter(([key,]) => key !== 'Authorization')
);
baseOptions.headers = Object.fromEntries(Object.entries(baseOptions.headers).filter(([key]) => key !== 'Authorization'));
}
} else {
baseOptions.url = node.access_token_url;
baseOptions.headers.Authorization = 'Basic ' + Buffer.from(`${node.client_id}:${node.client_secret}`).toString('base64');
baseOptions.form.grant_type = node.grant_type;
baseOptions.form.scope = node.scope;
baseOptions.form.resource = node.resource;
baseOptions.form.state = node.state;

// Additional configurations based on grant type
if (node.grant_type === 'password') {
Expand All @@ -185,9 +185,7 @@ module.exports = function (RED) {
if (node.client_credentials_in_body) {
baseOptions.form.client_id = node.client_id;
baseOptions.form.client_secret = node.client_secret;
baseOptions.headers = Object.fromEntries(
Object.entries(baseOptions.headers).filter(([key,]) => key !== 'Authorization')
);
baseOptions.headers = Object.fromEntries(Object.entries(baseOptions.headers).filter(([key]) => key !== 'Authorization'));
}

const credentials = RED.nodes.getCredentials(node.id);
Expand Down Expand Up @@ -256,7 +254,6 @@ module.exports = function (RED) {
})
});
}

}
}

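Review bot: `baseOptions.form.state` is now set on the token request in both branches (from `msg.oauth2Request.credentials.state` and from `node.state`), but `state` is an authorization-request parameter that the provider echoes on the redirect; RFC 6749 does not define it for the token endpoint, so sending it there verifies nothing. What protects the authorization_code flow is comparing the `state` returned on the callback with the one that was issued, and no such comparison appears in the lines shown; the enclosing function and the callback route both lie outside these hunks, so this is inferred. If a specific provider does require the field in the token body, document that above both assignments, for example `// non-standard: provider expects state in the token request; this is not a CSRF check`. Otherwise I would drop the two assignments and keep `state` to the authorize/callback path only.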
