| 18 | } |
| 19 | |
| 20 | export function authorizeUserInWindow({ |
| 21 | url, |
| 22 | urlSuccessRegex = /(code=).*/, |
| 23 | urlFailureRegex = /(error=).*/, |
| 24 | sessionId, |
| 25 | }: { |
| 26 | url: string; |
| 27 | urlSuccessRegex: RegExp; |
| 28 | urlFailureRegex: RegExp; |
| 29 | sessionId: string; |
| 30 | }): Promise<string> { |
| 31 | return new Promise<string>(async (resolve, reject) => { |
| 32 | let finalUrl: string | null = null; |
| 33 | |
| 34 | // Fetch user setting to determine whether to validate SSL certificates during auth |
| 35 | const { |
| 36 | validateAuthSSL, |
| 37 | } = await models.settings.getOrCreate(); |
| 38 | |
| 39 | // Create a child window |
| 40 | const child = new BrowserWindow({ |
| 41 | webPreferences: { |
| 42 | nodeIntegration: false, |
| 43 | partition: sessionId, |
| 44 | }, |
| 45 | show: false, |
| 46 | }); |
| 47 | |
| 48 | function _parseUrl(currentUrl: string, source: string) { |
| 49 | if (currentUrl.match(urlSuccessRegex)) { |
| 50 | console.log(`[oauth2] ${source}: Matched success redirect to "${currentUrl}" with ${urlSuccessRegex.toString()}`,); |
| 51 | finalUrl = currentUrl; |
| 52 | child.close(); |
| 53 | } else if (currentUrl.match(urlFailureRegex)) { |
| 54 | console.log(`[oauth2] ${source}: Matched error redirect to "${currentUrl}" with ${urlFailureRegex.toString()}`,); |
| 55 | finalUrl = currentUrl; |
| 56 | child.close(); |
| 57 | } else if (currentUrl === url) { |
| 58 | // It's the first one, so it's not a redirect |
| 59 | console.log(`[oauth2] ${source}: Loaded "${currentUrl}"`); |
| 60 | } else { |
| 61 | console.log(`[oauth2] ${source}: Ignoring URL "${currentUrl}". Didn't match ${urlSuccessRegex.toString()}`,); |
| 62 | } |
| 63 | } |
| 64 | |
| 65 | // Finish on close |
| 66 | child.on('close', () => { |
| 67 | if (finalUrl) { |
| 68 | resolve(finalUrl); |
| 69 | } else { |
| 70 | const errorDescription = 'Authorization window closed'; |
| 71 | reject(new Error(errorDescription)); |
| 72 | } |
| 73 | }); |
| 74 | |
| 75 | // Select client certificate during login if needed. |
| 76 | // More Info: https://textslashplain.com/2020/05/04/client-certificate-authentication/ |
| 77 | child.webContents.on('select-client-certificate', (event, url, certificateList, callback) => { |