summaryrefslogtreecommitdiffstats
path: root/mailnews/base
diff options
context:
space:
mode:
authorGaming4JC <g4jc@hyperbola.info>2019-12-30 09:49:29 -0500
committerGaming4JC <g4jc@hyperbola.info>2019-12-30 20:29:25 -0500
commitf532cec9768595ecea79714788515190d3c16f2d (patch)
tree7637c3e05abb2ce4e4ed5684952b0aa0a8092c6a /mailnews/base
parent3dae851d2135e2b321754a544a5a82cf155a3936 (diff)
downloadUXP-f532cec9768595ecea79714788515190d3c16f2d.tar
UXP-f532cec9768595ecea79714788515190d3c16f2d.tar.gz
UXP-f532cec9768595ecea79714788515190d3c16f2d.tar.lz
UXP-f532cec9768595ecea79714788515190d3c16f2d.tar.xz
UXP-f532cec9768595ecea79714788515190d3c16f2d.zip
Bug 1597933 - improve OAuth2 params parsing.
Diffstat (limited to 'mailnews/base')
-rw-r--r--mailnews/base/util/OAuth2.jsm22
1 files changed, 7 insertions, 15 deletions
diff --git a/mailnews/base/util/OAuth2.jsm b/mailnews/base/util/OAuth2.jsm
index dcbfb428f..8feee0e94 100644
--- a/mailnews/base/util/OAuth2.jsm
+++ b/mailnews/base/util/OAuth2.jsm
@@ -15,15 +15,6 @@ Cu.import("resource://gre/modules/Services.jsm");
Cu.import("resource://gre/modules/XPCOMUtils.jsm");
Cu.import("resource:///modules/gloda/log4moz.js");
-function parseURLData(aData) {
- let result = {};
- aData.split(/[?#]/, 2)[1].split("&").forEach(function (aParam) {
- let [key, value] = aParam.split("=");
- result[key] = decodeURIComponent(value);
- });
- return result;
-}
-
// Only allow one connecting window per endpoint.
var gConnecting = {};
@@ -169,13 +160,14 @@ OAuth2.prototype = {
delete this._browserRequest;
},
- onAuthorizationReceived: function(aData) {
- this.log.info("authorization received" + aData);
- let results = parseURLData(aData);
- if (results.code) {
- this.requestAccessToken(results.code, OAuth2.CODE_AUTHORIZATION);
+ // @see RFC 6749 section 4.1.2: Authorization Response
+ onAuthorizationReceived(aURL) {
+ this.log.info("OAuth2 authorization received: url=" + aURL);
+ let params = new URLSearchParams(aURL.split("?", 2)[1]);
+ if (params.has("code")) {
+ this.requestAccessToken(params.get("code"), OAuth2.CODE_AUTHORIZATION);
} else {
- this.onAuthorizationFailed(null, aData);
+ this.onAuthorizationFailed(null, aURL);
}
},