Merge pull request #85 from zooniverse/oauth-refresh-token

Various OAuth bug fixes
zooniverse · Feb 27, 2018 · 595e694 · 595e694
2 parents 7bb12d1 + d6eb3dd
commit 595e694
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 18 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Change Log
 
+## [v2.9.4](https://github.com/zooniverse/panoptes-javascript-client/tree/v2.9.4) (2018-02-27)
+[Full Changelog](https://github.com/zooniverse/panoptes-javascript-client/compare/v2.9.3...v2.9.4)
+
+**Merged pull requests:**
+
+- Various OAuth bug fixes [\#85](https://github.com/zooniverse/panoptes-javascript-client/pull/85) ([eatyourgreens](https://github.com/eatyourgreens))
+
 ## [v2.9.3](https://github.com/zooniverse/panoptes-javascript-client/tree/v2.9.3) (2018-02-23)
 [Full Changelog](https://github.com/zooniverse/panoptes-javascript-client/compare/v2.9.2...v2.9.3)
 

diff --git a/lib/oauth.js b/lib/oauth.js
@@ -78,7 +78,7 @@ module.exports = new Model({
       // Handle new token details if we've completed a sign in
       if (checkUrlForToken(window.location.hash)) {
         console.log('Token found in URL');
-        var tokenDetails = parseUrl(window.location.hash);
+        var tokenDetails = tokenFromLocation(window.location);
         this._handleNewBearerToken(tokenDetails);
 
         // And redirect to the desired page
@@ -88,6 +88,10 @@ module.exports = new Model({
 
       // If not, let's try and pick up an existing Panoptes session anyway
       this.checkBearerToken()
+        .then(function (tokenDetails) {
+          this._handleNewBearerToken(tokenDetails);
+          resolve(tokenDetails);
+        }.bind(this))
         .catch(function (error) {
           // We probably haven't signed in before
           console.info(error);
@@ -193,10 +197,10 @@ module.exports = new Model({
         // with a more relevant one.
         this._iframe.onload = function() {
           try {
-            var newUrl = this._iframe.contentWindow.location.href;
-            if (checkUrlForToken(newUrl)) {
+            var iframeLocation = this._iframe.contentWindow.location;
+            if (checkUrlForToken(iframeLocation.hash)) {
               console.info('Found existing Panoptes session');
-              var newTokenDetails = parseUrl(newUrl);
+              var newTokenDetails = tokenFromLocation(iframeLocation);
               resolve(newTokenDetails);
             } else {
               throw new TypeError('Valid OAuth details not found in URL');
@@ -253,15 +257,17 @@ module.exports = new Model({
   },
 
   _handleNewBearerToken: function(tokenDetails) {
-    console.log('Got new bearer token', tokenDetails.access_token.slice(-6));
-    this._tokenDetails = tokenDetails;
-    apiClient.headers.Authorization = 'Bearer ' + tokenDetails.access_token;
-
-    var refresh = this._refreshBearerToken.bind(this);
-    var timeToRefresh = (tokenDetails.expires_in * 1000) - TOKEN_EXPIRATION_ALLOWANCE;
-    this._bearerRefreshTimeout = setTimeout(refresh, timeToRefresh);
-    tokenDetails.expires_at = Date.now() + (tokenDetails.expires_in * 1000);
-    SESSION_STORAGE.setItem(LOCAL_STORAGE_PREFIX + 'tokenDetails', JSON.stringify(tokenDetails));
+    if (tokenDetails && tokenDetails.access_token) {
+      console.log('Got new bearer token', tokenDetails.access_token.slice(-6));
+      this._tokenDetails = tokenDetails;
+      apiClient.headers.Authorization = 'Bearer ' + tokenDetails.access_token;
+
+      var refresh = this._refreshBearerToken.bind(this);
+      var timeToRefresh = (tokenDetails.expires_in * 1000) - TOKEN_EXPIRATION_ALLOWANCE;
+      this._bearerRefreshTimeout = setTimeout(refresh, timeToRefresh);
+      tokenDetails.expires_at = Date.now() + (tokenDetails.expires_in * 1000);
+      SESSION_STORAGE.setItem(LOCAL_STORAGE_PREFIX + 'tokenDetails', JSON.stringify(tokenDetails));
+    }
     return tokenDetails;
   },
 
@@ -284,15 +290,16 @@ module.exports = new Model({
   }
 
 });
-
-// Utility functions
+/*******************************************
+  Utility functions
+*******************************************/
 function checkUrlForToken(string) {
   return string.indexOf('access_token') !== -1 &&
     string.indexOf('token_type=bearer') !== -1;
 }
 
-function parseUrl(string) {
-  var params = string.slice(1).split('&');
+function tokenFromLocation(loc) {
+  var params = loc.hash.slice(1).split('&');
   var tokenDetails = {};
   params.forEach(function(paramString) {
     var param = paramString.split('=');

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "panoptes-client",
-  "version": "2.9.3",
+  "version": "2.9.4",
   "description": "A Javascript client to access the Panoptes API",
   "main": "./lib/api-client.js",
   "author": "Zooniverse",