9 var oauth2 = window.opener.swaggerUIRedirectOauth2;
10 var sentState = oauth2.state;
11 var redirectUrl = oauth2.redirectUrl;
14 if (/code|token|error/.test(window.location.hash)) {
15 qp = window.location.hash.substring(1);
17 qp = location.search.substring(1);
21 arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';})
22 qp = qp ? JSON.parse('{' + arr.join() + '}',
23 function (key, value) {
24 return key === "" ? value : decodeURIComponent(value)
28 isValid = qp.state === sentState
31 oauth2.auth.schema.get("flow") === "accessCode"||
32 oauth2.auth.schema.get("flow") === "authorizationCode"
33 ) && !oauth2.auth.code) {
36 authId: oauth2.auth.name,
39 message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
45 oauth2.auth.code = qp.code;
46 oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
50 oauthErrorMsg = "["+qp.error+"]: " +
51 (qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
52 (qp.error_uri ? "More info: "+qp.error_uri : "");
56 authId: oauth2.auth.name,
59 message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server"
63 oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});