mirror of
https://github.com/plankanban/planka.git
synced 2025-07-18 20:59:44 +02:00
122 lines
3.2 KiB
JavaScript
122 lines
3.2 KiB
JavaScript
import { nanoid } from 'nanoid';
|
|
import { call, put, select } from 'redux-saga/effects';
|
|
import { replace } from '../../../lib/redux-router';
|
|
|
|
import selectors from '../../../selectors';
|
|
import actions from '../../../actions';
|
|
import api from '../../../api';
|
|
import { setAccessToken } from '../../../utils/access-token-storage';
|
|
import Paths from '../../../constants/Paths';
|
|
|
|
export function* initializeLogin() {
|
|
const { item: config } = yield call(api.getConfig); // TODO: handle error
|
|
|
|
yield put(actions.initializeLogin(config));
|
|
}
|
|
|
|
export function* authenticate(data) {
|
|
yield put(actions.authenticate(data));
|
|
|
|
let accessToken;
|
|
try {
|
|
({ item: accessToken } = yield call(api.createAccessToken, data));
|
|
} catch (error) {
|
|
yield put(actions.authenticate.failure(error));
|
|
return;
|
|
}
|
|
|
|
yield call(setAccessToken, accessToken);
|
|
yield put(actions.authenticate.success(accessToken));
|
|
}
|
|
|
|
export function* authenticateUsingOidc() {
|
|
const oidcConfig = yield select(selectors.selectOidcConfig);
|
|
|
|
const state = nanoid();
|
|
window.localStorage.setItem('oidc-state', state);
|
|
|
|
const nonce = nanoid();
|
|
window.localStorage.setItem('oidc-nonce', nonce);
|
|
|
|
let redirectUrl = `${oidcConfig.authorizationUrl}`;
|
|
redirectUrl += `&state=${encodeURIComponent(state)}`;
|
|
redirectUrl += `&nonce=${encodeURIComponent(nonce)}`;
|
|
|
|
window.location.href = redirectUrl;
|
|
}
|
|
|
|
export function* authenticateUsingOidcCallback() {
|
|
// https://github.com/plankanban/planka/issues/511#issuecomment-1771385639
|
|
const params = new URLSearchParams(window.location.hash.substring(1) || window.location.search);
|
|
|
|
const state = window.localStorage.getItem('oidc-state');
|
|
window.localStorage.removeItem('oidc-state');
|
|
|
|
const nonce = window.localStorage.getItem('oidc-nonce');
|
|
window.localStorage.removeItem('oidc-nonce');
|
|
|
|
yield put(replace(Paths.LOGIN));
|
|
|
|
if (params.get('error') !== null) {
|
|
yield put(
|
|
actions.authenticateUsingOidc.failure(
|
|
new Error(
|
|
`OIDC Authorization error: ${params.get('error')}: ${params.get('error_description')}`,
|
|
),
|
|
),
|
|
);
|
|
return;
|
|
}
|
|
|
|
const code = params.get('code');
|
|
if (code === null) {
|
|
yield put(
|
|
actions.authenticateUsingOidc.failure(new Error('Invalid OIDC response: no code parameter')),
|
|
);
|
|
return;
|
|
}
|
|
|
|
if (params.get('state') !== state) {
|
|
yield put(
|
|
actions.authenticateUsingOidc.failure(
|
|
new Error('Unable to process OIDC response: state mismatch'),
|
|
),
|
|
);
|
|
return;
|
|
}
|
|
|
|
if (nonce === null) {
|
|
yield put(
|
|
actions.authenticateUsingOidc.failure(
|
|
new Error('Unable to process OIDC response: no nonce issued'),
|
|
),
|
|
);
|
|
return;
|
|
}
|
|
|
|
let accessToken;
|
|
try {
|
|
({ item: accessToken } = yield call(api.exchangeForAccessTokenUsingOidc, {
|
|
code,
|
|
nonce,
|
|
}));
|
|
} catch (error) {
|
|
yield put(actions.authenticateUsingOidc.failure(error));
|
|
return;
|
|
}
|
|
|
|
yield call(setAccessToken, accessToken);
|
|
yield put(actions.authenticateUsingOidc.success(accessToken));
|
|
}
|
|
|
|
export function* clearAuthenticateError() {
|
|
yield put(actions.clearAuthenticateError());
|
|
}
|
|
|
|
export default {
|
|
initializeLogin,
|
|
authenticate,
|
|
authenticateUsingOidc,
|
|
authenticateUsingOidcCallback,
|
|
clearAuthenticateError,
|
|
};
|