Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
netlify-cms-lib-auth
Advanced tools
netlify-cms-lib-auth - npm Package Compare versions
Comparing version 2.2.5 to 2.2.6-beta.0
@@ -6,2 +6,13 @@ # Change Log | ||
| ## [2.2.6-beta.0](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/compare/netlify-cms-lib-auth@2.2.5...netlify-cms-lib-auth@2.2.6-beta.0) (2019-12-02) | ||
| ### Bug Fixes | ||
| * pass auth type in authURL to be used in identity widget ([#2920](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/issues/2920)) ([87b4d0f](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/commit/87b4d0f7657df83ba25a9d4ab23b878dc3324b86)) | ||
| ## [2.2.5](https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth/compare/netlify-cms-lib-auth@2.2.4...netlify-cms-lib-auth@2.2.5) (2019-11-18) | ||
@@ -8,0 +19,0 @@ |
@@ -20,3 +20,3 @@ "use strict"; | ||
| function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(source, true).forEach(function (key) { _defineProperty(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(source).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; } | ||
| function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = arguments[i] != null ? arguments[i] : {}; if (i % 2) { ownKeys(Object(source), true).forEach(function (key) { _defineProperty(target, key, source[key]); }); } else if (Object.getOwnPropertyDescriptors) { Object.defineProperties(target, Object.getOwnPropertyDescriptors(source)); } else { ownKeys(Object(source)).forEach(function (key) { Object.defineProperty(target, key, Object.getOwnPropertyDescriptor(source, key)); }); } } return target; } | ||
@@ -66,3 +66,7 @@ function _defineProperty(obj, key, value) { if (key in obj) { Object.defineProperty(obj, key, { value: value, enumerable: true, configurable: true, writable: true }); } else { obj[key] = value; } return obj; } | ||
| authURL.searchParams.set('scope', options.scope); | ||
| authURL.searchParams.set('state', createNonce()); | ||
| const state = JSON.stringify({ | ||
| auth_type: 'implicit', | ||
| nonce: createNonce() | ||
| }); | ||
| authURL.searchParams.set('state', state); | ||
| document.location.assign(authURL.href); | ||
@@ -85,3 +89,6 @@ } | ||
| const params = (0, _immutable.Map)(hashParams.entries()); | ||
| const validNonce = validateNonce(params.get('state')); | ||
| const { | ||
| nonce | ||
| } = JSON.parse(params.get('state')); | ||
| const validNonce = validateNonce(nonce); | ||
@@ -88,0 +95,0 @@ if (!validNonce) { |
@@ -1,2 +0,2 @@ | ||
| !function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e(require("immutable")):"function"==typeof define&&define.amd?define("NetlifyCmsLibAuth",["immutable"],e):"object"==typeof exports?exports.NetlifyCmsLibAuth=e(require("immutable")):t.NetlifyCmsLibAuth=e(t.NetlifyCmsDefaultExports.Immutable)}(window,(function(t){return function(t){var e={};function n(r){if(e[r])return e[r].exports;var o=e[r]={i:r,l:!1,exports:{}};return t[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=t,n.c=e,n.d=function(t,e,r){n.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:r})},n.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},n.t=function(t,e){if(1&e&&(t=n(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var o in t)n.d(r,o,function(e){return t[e]}.bind(null,o));return r},n.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return n.d(e,"a",e),e},n.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},n.p="",n(n.s=31)}([function(t,e,n){var r=n(2),o=n(4),i=n(5),u=n(25),c=n(7),a=n(8),s=/^\s+|\s+$/g;t.exports=function(t,e,n){if((t=a(t))&&(n||void 0===e))return t.replace(s,"");if(!t||!(e=r(e)))return t;var f=c(t),l=c(e),d=u(f,l),h=i(f,l)+1;return o(f,d,h).join("")}},function(t,e,n){var r=n(2),o=n(4),i=n(5),u=n(7),c=n(8),a=/\s+$/;t.exports=function(t,e,n){if((t=c(t))&&(n||void 0===e))return t.replace(a,"");if(!t||!(e=r(e)))return t;var s=u(t),f=i(s,u(e))+1;return o(s,0,f).join("")}},function(t,e,n){var r=n(3),o=n(14),i=n(15),u=n(16),c=1/0,a=r?r.prototype:void 0,s=a?a.toString:void 0;t.exports=function t(e){if("string"==typeof e)return e;if(i(e))return o(e,t)+"";if(u(e))return s?s.call(e):"";var n=e+"";return"0"==n&&1/e==-c?"-0":n}},function(t,e,n){var r=n(11).Symbol;t.exports=r},function(t,e,n){var r=n(21);t.exports=function(t,e,n){var o=t.length;return n=void 0===n?o:n,!e&&n>=o?t:r(t,e,n)}},function(t,e,n){var r=n(6);t.exports=function(t,e){for(var n=t.length;n--&&r(e,t[n],0)>-1;);return n}},function(t,e,n){var r=n(22),o=n(23),i=n(24);t.exports=function(t,e,n){return e==e?i(t,e,n):r(t,o,n)}},function(t,e,n){var r=n(26),o=n(27),i=n(28);t.exports=function(t){return o(t)?i(t):r(t)}},function(t,e,n){var r=n(2);t.exports=function(t){return null==t?"":r(t)}},function(e,n){e.exports=t},function(t,e,n){var r=n(29),o=n(30);t.exports=function(t,e,n){var i=e&&n||0;"string"==typeof t&&(e="binary"===t?new Array(16):null,t=null);var u=(t=t||{}).random||(t.rng||r)();if(u[6]=15&u[6]|64,u[8]=63&u[8]|128,e)for(var c=0;c<16;++c)e[i+c]=u[c];return e||o(u)}},function(t,e,n){var r=n(12),o="object"==typeof self&&self&&self.Object===Object&&self,i=r||o||Function("return this")();t.exports=i},function(t,e,n){(function(e){var n="object"==typeof e&&e&&e.Object===Object&&e;t.exports=n}).call(this,n(13))},function(t,e){var n;n=function(){return this}();try{n=n||new Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e){t.exports=function(t,e){for(var n=-1,r=null==t?0:t.length,o=Array(r);++n<r;)o[n]=e(t[n],n,t);return o}},function(t,e){var n=Array.isArray;t.exports=n},function(t,e,n){var r=n(17),o=n(20),i="[object Symbol]";t.exports=function(t){return"symbol"==typeof t||o(t)&&r(t)==i}},function(t,e,n){var r=n(3),o=n(18),i=n(19),u="[object Null]",c="[object Undefined]",a=r?r.toStringTag:void 0;t.exports=function(t){return null==t?void 0===t?c:u:a&&a in Object(t)?o(t):i(t)}},function(t,e,n){var r=n(3),o=Object.prototype,i=o.hasOwnProperty,u=o.toString,c=r?r.toStringTag:void 0;t.exports=function(t){var e=i.call(t,c),n=t[c];try{t[c]=void 0;var r=!0}catch(t){}var o=u.call(t);return r&&(e?t[c]=n:delete t[c]),o}},function(t,e){var n=Object.prototype.toString;t.exports=function(t){return n.call(t)}},function(t,e){t.exports=function(t){return null!=t&&"object"==typeof t}},function(t,e){t.exports=function(t,e,n){var r=-1,o=t.length;e<0&&(e=-e>o?0:o+e),(n=n>o?o:n)<0&&(n+=o),o=e>n?0:n-e>>>0,e>>>=0;for(var i=Array(o);++r<o;)i[r]=t[r+e];return i}},function(t,e){t.exports=function(t,e,n,r){for(var o=t.length,i=n+(r?1:-1);r?i--:++i<o;)if(e(t[i],i,t))return i;return-1}},function(t,e){t.exports=function(t){return t!=t}},function(t,e){t.exports=function(t,e,n){for(var r=n-1,o=t.length;++r<o;)if(t[r]===e)return r;return-1}},function(t,e,n){var r=n(6);t.exports=function(t,e){for(var n=-1,o=t.length;++n<o&&r(e,t[n],0)>-1;);return n}},function(t,e){t.exports=function(t){return t.split("")}},function(t,e){var n=RegExp("[\\u200d\\ud800-\\udfff\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff\\ufe0e\\ufe0f]");t.exports=function(t){return n.test(t)}},function(t,e){var n="[\\ud800-\\udfff]",r="[\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff]",o="\\ud83c[\\udffb-\\udfff]",i="[^\\ud800-\\udfff]",u="(?:\\ud83c[\\udde6-\\uddff]){2}",c="[\\ud800-\\udbff][\\udc00-\\udfff]",a="(?:"+r+"|"+o+")"+"?",s="[\\ufe0e\\ufe0f]?"+a+("(?:\\u200d(?:"+[i,u,c].join("|")+")[\\ufe0e\\ufe0f]?"+a+")*"),f="(?:"+[i+r+"?",r,u,c,n].join("|")+")",l=RegExp(o+"(?="+o+")|"+f+s,"g");t.exports=function(t){return t.match(l)||[]}},function(t,e){var n="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto)||"undefined"!=typeof msCrypto&&"function"==typeof window.msCrypto.getRandomValues&&msCrypto.getRandomValues.bind(msCrypto);if(n){var r=new Uint8Array(16);t.exports=function(){return n(r),r}}else{var o=new Array(16);t.exports=function(){for(var t,e=0;e<16;e++)0==(3&e)&&(t=4294967296*Math.random()),o[e]=t>>>((3&e)<<3)&255;return o}}},function(t,e){for(var n=[],r=0;r<256;++r)n[r]=(r+256).toString(16).substr(1);t.exports=function(t,e){var r=e||0,o=n;return[o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]]].join("")}},function(t,e,n){"use strict";n.r(e);var r=n(0),o=n.n(r),i=n(1),u=n.n(i);const c="https://api.netlify.com",a="auth";class s{constructor(t){this.err=t}toString(){return this.err&&this.err.message}}const f={github:{width:960,height:600},gitlab:{width:960,height:600},bitbucket:{width:960,height:500},email:{width:500,height:400}};var l=class{constructor(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};this.site_id=t.site_id||null,this.base_url=u()(t.base_url,"/")||c,this.auth_endpoint=o()(t.auth_endpoint,"/")||a}handshakeCallback(t,e){const n=r=>{if(r.data==="authorizing:"+t.provider&&r.origin===this.base_url)return window.removeEventListener("message",n,!1),window.addEventListener("message",this.authorizeCallback(t,e),!1),this.authWindow.postMessage(r.data,r.origin)};return n}authorizeCallback(t,e){const n=r=>{if(r.origin===this.base_url){if(0===r.data.indexOf("authorization:"+t.provider+":success:")){const o=JSON.parse(r.data.match(new RegExp("^authorization:"+t.provider+":success:(.+)$"))[1]);window.removeEventListener("message",n,!1),this.authWindow.close(),e(null,o)}if(0===r.data.indexOf("authorization:"+t.provider+":error:")){const o=JSON.parse(r.data.match(new RegExp("^authorization:"+t.provider+":error:(.+)$"))[1]);window.removeEventListener("message",n,!1),this.authWindow.close(),e(new s(o))}}};return n}getSiteID(){if(this.site_id)return this.site_id;const t=document.location.host.split(":")[0];return"localhost"===t?"cms.netlify.com":t}authenticate(t,e){const{provider:n}=t,r=this.getSiteID();if(!n)return e(new s({message:"You must specify a provider when calling netlify.authenticate"}));if(!r)return e(new s({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make authentication work from localhost"}));const o=f[n]||f.github,i=screen.width/2-o.width/2,u=screen.height/2-o.height/2;window.addEventListener("message",this.handshakeCallback(t,e),!1);let c="".concat(this.base_url,"/").concat(this.auth_endpoint,"?provider=").concat(t.provider,"&site_id=").concat(r);t.scope&&(c+="&scope="+t.scope),!0===t.login&&(c+="&login=true"),t.beta_invite&&(c+="&beta_invite="+t.beta_invite),t.invite_code&&(c+="&invite_code="+t.invite_code),this.authWindow=window.open(c,"Netlify Authorization","width=".concat(o.width,", height=").concat(o.height,", top=").concat(u,", left=").concat(i)),this.authWindow.focus()}refresh(t,e){const{provider:n,refresh_token:r}=t,o=this.getSiteID(),i=e||Promise.reject.bind(Promise);if(!n||!r)return i(new s({message:"You must specify a provider and refresh token when calling netlify.refresh"}));if(!o)return i(new s({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make token refresh work from localhost"}));const u="".concat(this.base_url,"/").concat(this.auth_endpoint,"/refresh?provider=").concat(n,"&site_id=").concat(o,"&refresh_token=").concat(r),c=fetch(u,{method:"POST",body:""}).then(t=>t.json());if(!e)return c;c.then(t=>e(null,t)).catch(e)}},d=n(9),h=n(10),p=n.n(h);function v(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function m(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function y(t,e){if(null==t)return{};var n,r,o=function(t,e){if(null==t)return{};var n,r,o={},i=Object.keys(t);for(r=0;r<i.length;r++)n=i[r],e.indexOf(n)>=0||(o[n]=t[n]);return o}(t,e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(t);for(r=0;r<i.length;r++)n=i[r],e.indexOf(n)>=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(o[n]=t[n])}return o}class g{constructor(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};const e=u()(t.base_url,"/"),n=o()(t.auth_endpoint,"/");this.auth_url="".concat(e,"/").concat(n),this.appID=t.app_id,this.clearHash=t.clearHash}authenticate(t,e){if("https:"!==document.location.protocol&&"localhost"!==document.location.hostname&&"127.0.0.1"!==document.location.hostname)return e(new Error("Cannot authenticate over insecure protocol!"));const n=new URL(this.auth_url);n.searchParams.set("client_id",this.appID),n.searchParams.set("redirect_uri",document.location.origin+document.location.pathname),n.searchParams.set("response_type","token"),n.searchParams.set("scope",t.scope),n.searchParams.set("state",function(){const t=p()();return window.sessionStorage.setItem("netlify-cms-auth",JSON.stringify({nonce:t})),t}()),document.location.assign(n.href)}completeAuth(t){const e=new URLSearchParams(document.location.hash.replace(/^#?\/?/,""));if(!e.has("access_token")&&!e.has("error"))return;this.clearHash();const n=Object(d.Map)(e.entries());if(!function(t){const e=window.sessionStorage.getItem("netlify-cms-auth"),n=e&&JSON.parse(e).nonce;return window.localStorage.removeItem("netlify-cms-auth"),t===n}(n.get("state")))return t(new Error("Invalid nonce"));if(n.has("error"))return t(new Error("".concat(n.get("error"),": ").concat(n.get("error_description"))));if(n.has("access_token")){const e=n.toJS(),{access_token:r}=e;t(null,function(t){for(var e=1;e<arguments.length;e++){var n=null!=arguments[e]?arguments[e]:{};e%2?v(n,!0).forEach((function(e){m(t,e,n[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):v(n).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(n,e))}))}return t}({token:r},y(e,["access_token"])))}}}n.d(e,"NetlifyCmsLibAuth",(function(){return b})),n.d(e,"NetlifyAuthenticator",(function(){return l})),n.d(e,"ImplicitAuthenticator",(function(){return g}));const b={NetlifyAuthenticator:l,ImplicitAuthenticator:g}}]).NetlifyCmsLibAuth})); | ||
| !function(t,e){"object"==typeof exports&&"object"==typeof module?module.exports=e(require("immutable")):"function"==typeof define&&define.amd?define("NetlifyCmsLibAuth",["immutable"],e):"object"==typeof exports?exports.NetlifyCmsLibAuth=e(require("immutable")):t.NetlifyCmsLibAuth=e(t.NetlifyCmsDefaultExports.Immutable)}(window,(function(t){return function(t){var e={};function n(r){if(e[r])return e[r].exports;var o=e[r]={i:r,l:!1,exports:{}};return t[r].call(o.exports,o,o.exports,n),o.l=!0,o.exports}return n.m=t,n.c=e,n.d=function(t,e,r){n.o(t,e)||Object.defineProperty(t,e,{enumerable:!0,get:r})},n.r=function(t){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(t,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(t,"__esModule",{value:!0})},n.t=function(t,e){if(1&e&&(t=n(t)),8&e)return t;if(4&e&&"object"==typeof t&&t&&t.__esModule)return t;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:t}),2&e&&"string"!=typeof t)for(var o in t)n.d(r,o,function(e){return t[e]}.bind(null,o));return r},n.n=function(t){var e=t&&t.__esModule?function(){return t.default}:function(){return t};return n.d(e,"a",e),e},n.o=function(t,e){return Object.prototype.hasOwnProperty.call(t,e)},n.p="",n(n.s=31)}([function(t,e,n){var r=n(2),o=n(4),i=n(5),u=n(25),c=n(7),a=n(8),s=/^\s+|\s+$/g;t.exports=function(t,e,n){if((t=a(t))&&(n||void 0===e))return t.replace(s,"");if(!t||!(e=r(e)))return t;var f=c(t),l=c(e),h=u(f,l),d=i(f,l)+1;return o(f,h,d).join("")}},function(t,e,n){var r=n(2),o=n(4),i=n(5),u=n(7),c=n(8),a=/\s+$/;t.exports=function(t,e,n){if((t=c(t))&&(n||void 0===e))return t.replace(a,"");if(!t||!(e=r(e)))return t;var s=u(t),f=i(s,u(e))+1;return o(s,0,f).join("")}},function(t,e,n){var r=n(3),o=n(14),i=n(15),u=n(16),c=1/0,a=r?r.prototype:void 0,s=a?a.toString:void 0;t.exports=function t(e){if("string"==typeof e)return e;if(i(e))return o(e,t)+"";if(u(e))return s?s.call(e):"";var n=e+"";return"0"==n&&1/e==-c?"-0":n}},function(t,e,n){var r=n(11).Symbol;t.exports=r},function(t,e,n){var r=n(21);t.exports=function(t,e,n){var o=t.length;return n=void 0===n?o:n,!e&&n>=o?t:r(t,e,n)}},function(t,e,n){var r=n(6);t.exports=function(t,e){for(var n=t.length;n--&&r(e,t[n],0)>-1;);return n}},function(t,e,n){var r=n(22),o=n(23),i=n(24);t.exports=function(t,e,n){return e==e?i(t,e,n):r(t,o,n)}},function(t,e,n){var r=n(26),o=n(27),i=n(28);t.exports=function(t){return o(t)?i(t):r(t)}},function(t,e,n){var r=n(2);t.exports=function(t){return null==t?"":r(t)}},function(e,n){e.exports=t},function(t,e,n){var r=n(29),o=n(30);t.exports=function(t,e,n){var i=e&&n||0;"string"==typeof t&&(e="binary"===t?new Array(16):null,t=null);var u=(t=t||{}).random||(t.rng||r)();if(u[6]=15&u[6]|64,u[8]=63&u[8]|128,e)for(var c=0;c<16;++c)e[i+c]=u[c];return e||o(u)}},function(t,e,n){var r=n(12),o="object"==typeof self&&self&&self.Object===Object&&self,i=r||o||Function("return this")();t.exports=i},function(t,e,n){(function(e){var n="object"==typeof e&&e&&e.Object===Object&&e;t.exports=n}).call(this,n(13))},function(t,e){var n;n=function(){return this}();try{n=n||new Function("return this")()}catch(t){"object"==typeof window&&(n=window)}t.exports=n},function(t,e){t.exports=function(t,e){for(var n=-1,r=null==t?0:t.length,o=Array(r);++n<r;)o[n]=e(t[n],n,t);return o}},function(t,e){var n=Array.isArray;t.exports=n},function(t,e,n){var r=n(17),o=n(20),i="[object Symbol]";t.exports=function(t){return"symbol"==typeof t||o(t)&&r(t)==i}},function(t,e,n){var r=n(3),o=n(18),i=n(19),u="[object Null]",c="[object Undefined]",a=r?r.toStringTag:void 0;t.exports=function(t){return null==t?void 0===t?c:u:a&&a in Object(t)?o(t):i(t)}},function(t,e,n){var r=n(3),o=Object.prototype,i=o.hasOwnProperty,u=o.toString,c=r?r.toStringTag:void 0;t.exports=function(t){var e=i.call(t,c),n=t[c];try{t[c]=void 0;var r=!0}catch(t){}var o=u.call(t);return r&&(e?t[c]=n:delete t[c]),o}},function(t,e){var n=Object.prototype.toString;t.exports=function(t){return n.call(t)}},function(t,e){t.exports=function(t){return null!=t&&"object"==typeof t}},function(t,e){t.exports=function(t,e,n){var r=-1,o=t.length;e<0&&(e=-e>o?0:o+e),(n=n>o?o:n)<0&&(n+=o),o=e>n?0:n-e>>>0,e>>>=0;for(var i=Array(o);++r<o;)i[r]=t[r+e];return i}},function(t,e){t.exports=function(t,e,n,r){for(var o=t.length,i=n+(r?1:-1);r?i--:++i<o;)if(e(t[i],i,t))return i;return-1}},function(t,e){t.exports=function(t){return t!=t}},function(t,e){t.exports=function(t,e,n){for(var r=n-1,o=t.length;++r<o;)if(t[r]===e)return r;return-1}},function(t,e,n){var r=n(6);t.exports=function(t,e){for(var n=-1,o=t.length;++n<o&&r(e,t[n],0)>-1;);return n}},function(t,e){t.exports=function(t){return t.split("")}},function(t,e){var n=RegExp("[\\u200d\\ud800-\\udfff\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff\\ufe0e\\ufe0f]");t.exports=function(t){return n.test(t)}},function(t,e){var n="[\\ud800-\\udfff]",r="[\\u0300-\\u036f\\ufe20-\\ufe2f\\u20d0-\\u20ff]",o="\\ud83c[\\udffb-\\udfff]",i="[^\\ud800-\\udfff]",u="(?:\\ud83c[\\udde6-\\uddff]){2}",c="[\\ud800-\\udbff][\\udc00-\\udfff]",a="(?:"+r+"|"+o+")"+"?",s="[\\ufe0e\\ufe0f]?"+a+("(?:\\u200d(?:"+[i,u,c].join("|")+")[\\ufe0e\\ufe0f]?"+a+")*"),f="(?:"+[i+r+"?",r,u,c,n].join("|")+")",l=RegExp(o+"(?="+o+")|"+f+s,"g");t.exports=function(t){return t.match(l)||[]}},function(t,e){var n="undefined"!=typeof crypto&&crypto.getRandomValues&&crypto.getRandomValues.bind(crypto)||"undefined"!=typeof msCrypto&&"function"==typeof window.msCrypto.getRandomValues&&msCrypto.getRandomValues.bind(msCrypto);if(n){var r=new Uint8Array(16);t.exports=function(){return n(r),r}}else{var o=new Array(16);t.exports=function(){for(var t,e=0;e<16;e++)0==(3&e)&&(t=4294967296*Math.random()),o[e]=t>>>((3&e)<<3)&255;return o}}},function(t,e){for(var n=[],r=0;r<256;++r)n[r]=(r+256).toString(16).substr(1);t.exports=function(t,e){var r=e||0,o=n;return[o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],"-",o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]],o[t[r++]]].join("")}},function(t,e,n){"use strict";n.r(e);var r=n(0),o=n.n(r),i=n(1),u=n.n(i);const c="https://api.netlify.com",a="auth";class s{constructor(t){this.err=t}toString(){return this.err&&this.err.message}}const f={github:{width:960,height:600},gitlab:{width:960,height:600},bitbucket:{width:960,height:500},email:{width:500,height:400}};var l=class{constructor(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};this.site_id=t.site_id||null,this.base_url=u()(t.base_url,"/")||c,this.auth_endpoint=o()(t.auth_endpoint,"/")||a}handshakeCallback(t,e){const n=r=>{if(r.data==="authorizing:"+t.provider&&r.origin===this.base_url)return window.removeEventListener("message",n,!1),window.addEventListener("message",this.authorizeCallback(t,e),!1),this.authWindow.postMessage(r.data,r.origin)};return n}authorizeCallback(t,e){const n=r=>{if(r.origin===this.base_url){if(0===r.data.indexOf("authorization:"+t.provider+":success:")){const o=JSON.parse(r.data.match(new RegExp("^authorization:"+t.provider+":success:(.+)$"))[1]);window.removeEventListener("message",n,!1),this.authWindow.close(),e(null,o)}if(0===r.data.indexOf("authorization:"+t.provider+":error:")){const o=JSON.parse(r.data.match(new RegExp("^authorization:"+t.provider+":error:(.+)$"))[1]);window.removeEventListener("message",n,!1),this.authWindow.close(),e(new s(o))}}};return n}getSiteID(){if(this.site_id)return this.site_id;const t=document.location.host.split(":")[0];return"localhost"===t?"cms.netlify.com":t}authenticate(t,e){const{provider:n}=t,r=this.getSiteID();if(!n)return e(new s({message:"You must specify a provider when calling netlify.authenticate"}));if(!r)return e(new s({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make authentication work from localhost"}));const o=f[n]||f.github,i=screen.width/2-o.width/2,u=screen.height/2-o.height/2;window.addEventListener("message",this.handshakeCallback(t,e),!1);let c="".concat(this.base_url,"/").concat(this.auth_endpoint,"?provider=").concat(t.provider,"&site_id=").concat(r);t.scope&&(c+="&scope="+t.scope),!0===t.login&&(c+="&login=true"),t.beta_invite&&(c+="&beta_invite="+t.beta_invite),t.invite_code&&(c+="&invite_code="+t.invite_code),this.authWindow=window.open(c,"Netlify Authorization","width=".concat(o.width,", height=").concat(o.height,", top=").concat(u,", left=").concat(i)),this.authWindow.focus()}refresh(t,e){const{provider:n,refresh_token:r}=t,o=this.getSiteID(),i=e||Promise.reject.bind(Promise);if(!n||!r)return i(new s({message:"You must specify a provider and refresh token when calling netlify.refresh"}));if(!o)return i(new s({message:"You must set a site_id with netlify.configure({site_id: 'your-site-id'}) to make token refresh work from localhost"}));const u="".concat(this.base_url,"/").concat(this.auth_endpoint,"/refresh?provider=").concat(n,"&site_id=").concat(o,"&refresh_token=").concat(r),c=fetch(u,{method:"POST",body:""}).then(t=>t.json());if(!e)return c;c.then(t=>e(null,t)).catch(e)}},h=n(9),d=n(10),p=n.n(d);function m(t,e){var n=Object.keys(t);if(Object.getOwnPropertySymbols){var r=Object.getOwnPropertySymbols(t);e&&(r=r.filter((function(e){return Object.getOwnPropertyDescriptor(t,e).enumerable}))),n.push.apply(n,r)}return n}function v(t,e,n){return e in t?Object.defineProperty(t,e,{value:n,enumerable:!0,configurable:!0,writable:!0}):t[e]=n,t}function y(t,e){if(null==t)return{};var n,r,o=function(t,e){if(null==t)return{};var n,r,o={},i=Object.keys(t);for(r=0;r<i.length;r++)n=i[r],e.indexOf(n)>=0||(o[n]=t[n]);return o}(t,e);if(Object.getOwnPropertySymbols){var i=Object.getOwnPropertySymbols(t);for(r=0;r<i.length;r++)n=i[r],e.indexOf(n)>=0||Object.prototype.propertyIsEnumerable.call(t,n)&&(o[n]=t[n])}return o}function b(){const t=p()();return window.sessionStorage.setItem("netlify-cms-auth",JSON.stringify({nonce:t})),t}class g{constructor(){let t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};const e=u()(t.base_url,"/"),n=o()(t.auth_endpoint,"/");this.auth_url="".concat(e,"/").concat(n),this.appID=t.app_id,this.clearHash=t.clearHash}authenticate(t,e){if("https:"!==document.location.protocol&&"localhost"!==document.location.hostname&&"127.0.0.1"!==document.location.hostname)return e(new Error("Cannot authenticate over insecure protocol!"));const n=new URL(this.auth_url);n.searchParams.set("client_id",this.appID),n.searchParams.set("redirect_uri",document.location.origin+document.location.pathname),n.searchParams.set("response_type","token"),n.searchParams.set("scope",t.scope);const r=JSON.stringify({auth_type:"implicit",nonce:b()});n.searchParams.set("state",r),document.location.assign(n.href)}completeAuth(t){const e=new URLSearchParams(document.location.hash.replace(/^#?\/?/,""));if(!e.has("access_token")&&!e.has("error"))return;this.clearHash();const n=Object(h.Map)(e.entries()),{nonce:r}=JSON.parse(n.get("state"));if(!function(t){const e=window.sessionStorage.getItem("netlify-cms-auth"),n=e&&JSON.parse(e).nonce;return window.localStorage.removeItem("netlify-cms-auth"),t===n}(r))return t(new Error("Invalid nonce"));if(n.has("error"))return t(new Error("".concat(n.get("error"),": ").concat(n.get("error_description"))));if(n.has("access_token")){const e=n.toJS(),{access_token:r}=e;t(null,function(t){for(var e=1;e<arguments.length;e++){var n=null!=arguments[e]?arguments[e]:{};e%2?m(Object(n),!0).forEach((function(e){v(t,e,n[e])})):Object.getOwnPropertyDescriptors?Object.defineProperties(t,Object.getOwnPropertyDescriptors(n)):m(Object(n)).forEach((function(e){Object.defineProperty(t,e,Object.getOwnPropertyDescriptor(n,e))}))}return t}({token:r},y(e,["access_token"])))}}}n.d(e,"NetlifyCmsLibAuth",(function(){return w})),n.d(e,"NetlifyAuthenticator",(function(){return l})),n.d(e,"ImplicitAuthenticator",(function(){return g}));const w={NetlifyAuthenticator:l,ImplicitAuthenticator:g}}]).NetlifyCmsLibAuth})); | ||
| //# sourceMappingURL=netlify-cms-lib-auth.js.map |
| { | ||
| "name": "netlify-cms-lib-auth", | ||
| "description": "Shared authentication functionality for Netlify CMS.", | ||
| "version": "2.2.5", | ||
| "version": "2.2.6-beta.0", | ||
| "repository": "https://github.com/netlify/netlify-cms/tree/master/packages/netlify-cms-lib-auth", | ||
@@ -28,3 +28,3 @@ "bugs": "https://github.com/netlify/netlify-cms/issues", | ||
| }, | ||
| "gitHead": "dc0c4c51ed3d5e3fc9224474e57f8a0e48f73e81" | ||
| "gitHead": "c8d6eaf239eabc35836b11b716ca2ce5d637a8bc" | ||
| } |
@@ -44,4 +44,6 @@ import { Map } from 'immutable'; | ||
| authURL.searchParams.set('scope', options.scope); | ||
| authURL.searchParams.set('state', createNonce()); | ||
| const state = JSON.stringify({ auth_type: 'implicit', nonce: createNonce() }); | ||
| authURL.searchParams.set('state', state); | ||
| document.location.assign(authURL.href); | ||
@@ -63,3 +65,4 @@ } | ||
| const validNonce = validateNonce(params.get('state')); | ||
| const { nonce } = JSON.parse(params.get('state')); | ||
| const validNonce = validateNonce(nonce); | ||
| if (!validNonce) { | ||
@@ -66,0 +69,0 @@ return cb(new Error('Invalid nonce')); |
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No v1
QualityPackage is not semver >=1. This means it is not stable and does not support ^ ranges.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by1.25%
90912
- Lines of code
- increased by1.74%
525
Worsened metrics
- Number of low quality alerts
- increased by50%
3
No dependency changes