85 lines
3.7 KiB
HTML
85 lines
3.7 KiB
HTML
<html lang="en">
|
|
<head>
|
|
<title>Authorize application</title>
|
|
<meta charset="UTF-8">
|
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
|
|
<link rel="stylesheet" type="text/css" href="/static/css/style.css" media="">
|
|
<script src="/static/js/hash-wasm.js"></script>
|
|
<link rel="icon" href="/static/svg/favicon.svg">
|
|
<script>
|
|
let client_id, redirect_uri, response_type, state, code, codemethod, secret_key, expires, nonce;
|
|
|
|
if (localStorage.getItem("DONOTSHARE-secretkey") === null) {
|
|
window.location.replace("/login" + window.location.search)
|
|
document.body.innerHTML = "Redirecting..."
|
|
throw new Error();
|
|
}
|
|
|
|
document.addEventListener("DOMContentLoaded", function() {
|
|
const urlParams = new URLSearchParams(window.location.search);
|
|
const statusBox = document.getElementById("statusBox");
|
|
|
|
// Get URL parameters
|
|
if (urlParams.has('client_id')) {
|
|
client_id = urlParams.get('client_id')
|
|
let name = document.getElementById("passthrough").innerText;
|
|
statusBox.textContent = "Would you like to allow " + name + " to access your user information?";
|
|
redirect_uri = urlParams.get('redirect_uri');
|
|
response_type = urlParams.get('response_type');
|
|
} else {
|
|
window.location.replace("/dashboard");
|
|
document.body.innerHTML = "Redirecting..."
|
|
throw new Error();
|
|
}
|
|
|
|
state = urlParams.has('state') ? urlParams.get('state') : "none";
|
|
|
|
if (urlParams.has('code_challenge')) {
|
|
code = urlParams.get('code_challenge');
|
|
codemethod = urlParams.get('code_challenge_method');
|
|
} else {
|
|
code = "none";
|
|
codemethod = "none";
|
|
}
|
|
|
|
if (urlParams.has('nonce')) {
|
|
nonce = urlParams.get('nonce');
|
|
} else {
|
|
nonce = "none";
|
|
}
|
|
|
|
// Get DONOTSHARE-secretkey from localStorage
|
|
secret_key = localStorage.getItem("DONOTSHARE-secretkey");
|
|
const now = new Date();
|
|
const expireTime = now.getTime() + (21 * 1000); // 21 seconds from now
|
|
expires = new Date(expireTime).toUTCString();
|
|
});
|
|
|
|
function oauth() {
|
|
document.cookie = "key=" + secret_key + "; expires=" + expires + "; path=/; SameSite=Strict";
|
|
|
|
// Send data to example.org using POST request
|
|
window.location.replace("/api/auth?client_id=" + client_id + "&redirect_uri=" + redirect_uri + "&code_challenge_method=" + codemethod + "&code_challenge=" + code + "&state=" + state + "&nonce=" + nonce);
|
|
}
|
|
</script>
|
|
</head>
|
|
|
|
<body>
|
|
<p id="passthrough" style="display: none;">{{ .name }}</p>
|
|
<p class="credit">Image by perga (@pergagreen on discord)</p>
|
|
<img src="/static/img/background.jpg" class="background" alt="">
|
|
<div style="position: fixed;top: 0;"><button onclick="document.getElementById('iframe').classList.toggle('hidden');" class="acctbutton">Account</button><iframe id="iframe" src="/account" class="iframe hidden"></iframe></div>
|
|
<div class="inoutdiv">
|
|
<h2 class="w300">Authorise Application</h2>
|
|
<p id="statusBox">Loading...</p>
|
|
<br>
|
|
<div style="display: flex;justify-content: center;">
|
|
<button onclick="oauth();" style="width: 100%;margin: 0 3px 0 0;">Allow</button>
|
|
<button onclick="window.location.replace('https://www.hectabit.org');" style="width: 100%;margin: 0 0 0 3px;">Deny</button>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
|
|
</html>
|