gcg/static-cms
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat: Adds PKCE authentication for GitLab closes #5236 (#5239)

Browse Source
This commit is contained in:
Eric Krebs
2021-04-14 03:50:53 -05:00
committed by GitHub
parent 2a06244f77
commit 829409e0bc
7 changed files with 206 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
packages/netlify-cms-lib-auth/src/implicit-oauth.js
View File

@ -1,20 +1,7 @@
import { Map } from 'immutable';
import trim from 'lodash/trim';
import trimEnd from 'lodash/trimEnd';
import uuid from 'uuid/v4';
function createNonce() {
const nonce = uuid();
window.sessionStorage.setItem('netlify-cms-auth', JSON.stringify({ nonce }));
return nonce;
}
function validateNonce(check) {
const auth = window.sessionStorage.getItem('netlify-cms-auth');
const valid = auth && JSON.parse(auth).nonce;
window.localStorage.removeItem('netlify-cms-auth');
return check === valid;
}
import { createNonce, validateNonce, isInsecureProtocol } from './utils';
export default class ImplicitAuthenticator {
constructor(config = {}) {
@ -26,13 +13,7 @@ export default class ImplicitAuthenticator {
}
authenticate(options, cb) {
if (
document.location.protocol !== 'https:' &&
// TODO: Is insecure localhost a bad idea as well? I don't think it is, since you are not actually
// sending the token over the internet in this case, assuming the auth URL is secure.
document.location.hostname !== 'localhost' &&
document.location.hostname !== '127.0.0.1'
) {
if (isInsecureProtocol()) {
return cb(new Error('Cannot authenticate over insecure protocol!'));
}