mirror of
https://github.com/nextcloud/server.git
synced 2026-02-18 18:28:50 -05:00
fix: update request token on two-factor pages
Signed-off-by: Richard Steinmetz <richard@steinmetz.cloud>
This commit is contained in:
Richard Steinmetz
parent
fa15cb8b87
commit
c690c6fbd2
13 changed files with 78 additions and 7 deletions
|
|
@ -25,6 +25,7 @@ use OCP\IRequest;
|
|||
use OCP\ISession;
|
||||
use OCP\IURLGenerator;
|
||||
use OCP\IUserSession;
|
||||
use OCP\Util;
|
||||
use Psr\Log\LoggerInterface;
|
||||
|
||||
#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
|
||||
|
|
@ -89,6 +90,7 @@ class TwoFactorChallengeController extends Controller {
|
|||
'logout_url' => $this->getLogoutUrl(),
|
||||
'hasSetupProviders' => !empty($setupProviders),
|
||||
];
|
||||
Util::addScript('core', 'twofactor-request-token');
|
||||
return new StandaloneTemplateResponse($this->appName, 'twofactorselectchallenge', $data, 'guest');
|
||||
}
|
||||
|
||||
|
|
@ -141,6 +143,7 @@ class TwoFactorChallengeController extends Controller {
|
|||
if ($provider instanceof IProvidesCustomCSP) {
|
||||
$response->setContentSecurityPolicy($provider->getCSP());
|
||||
}
|
||||
Util::addScript('core', 'twofactor-request-token');
|
||||
return $response;
|
||||
}
|
||||
|
||||
|
|
@ -204,6 +207,7 @@ class TwoFactorChallengeController extends Controller {
|
|||
'redirect_url' => $redirect_url,
|
||||
];
|
||||
|
||||
Util::addScript('core', 'twofactor-request-token');
|
||||
return new StandaloneTemplateResponse($this->appName, 'twofactorsetupselection', $data, 'guest');
|
||||
}
|
||||
|
||||
|
|
@ -235,6 +239,7 @@ class TwoFactorChallengeController extends Controller {
|
|||
'template' => $tmpl->fetchPage(),
|
||||
];
|
||||
$response = new StandaloneTemplateResponse($this->appName, 'twofactorsetupchallenge', $data, 'guest');
|
||||
Util::addScript('core', 'twofactor-request-token');
|
||||
return $response;
|
||||
}
|
||||
|
||||
|
|
|
|||
25
core/src/twofactor-request-token.ts
Normal file
25
core/src/twofactor-request-token.ts
Normal file
|
|
@ -0,0 +1,25 @@
|
|||
/**
|
||||
* SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
|
||||
* SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
*/
|
||||
|
||||
import { onRequestTokenUpdate } from '@nextcloud/auth'
|
||||
import { getBaseUrl } from '@nextcloud/router'
|
||||
|
||||
document.addEventListener('DOMContentLoaded', () => {
|
||||
onRequestTokenUpdate((token) => {
|
||||
const cancelLink = window.document.getElementById('cancel-login')
|
||||
if (!cancelLink) {
|
||||
return
|
||||
}
|
||||
|
||||
const href = cancelLink.getAttribute('href')
|
||||
if (!href) {
|
||||
return
|
||||
}
|
||||
|
||||
const parsedHref = new URL(href, getBaseUrl())
|
||||
parsedHref.searchParams.set('requesttoken', token)
|
||||
cancelLink.setAttribute('href', parsedHref.pathname + parsedHref.search)
|
||||
})
|
||||
})
|
||||
|
|
@ -76,7 +76,7 @@ $noProviders = empty($_['providers']);
|
|||
</a>
|
||||
</p>
|
||||
<?php endif; ?>
|
||||
<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<?php p($l->t('Cancel login')) ?>
|
||||
</a></p>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ $template = $_['template'];
|
|||
<div class="body-login-container update">
|
||||
<h2 class="two-factor-header"><?php p($provider->getDisplayName()); ?></h2>
|
||||
<?php print_unescaped($template); ?>
|
||||
<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<?php p($l->t('Cancel login')) ?>
|
||||
</a></p>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ declare(strict_types=1);
|
|||
</li>
|
||||
<?php endforeach; ?>
|
||||
</ul>
|
||||
<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<?php p($l->t('Cancel login')) ?>
|
||||
</a></p>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ $template = $_['template'];
|
|||
</a>
|
||||
</p>
|
||||
<?php endif; ?>
|
||||
<p><a class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<p><a id="cancel-login" class="two-factor-secondary" href="<?php print_unescaped($_['logout_url']); ?>">
|
||||
<?php p($l->t('Cancel login')) ?>
|
||||
</a></p>
|
||||
</div>
|
||||
|
|
|
|||
4
dist/core-common.js
vendored
4
dist/core-common.js
vendored
File diff suppressed because one or more lines are too long
2
dist/core-common.js.map
vendored
2
dist/core-common.js.map
vendored
File diff suppressed because one or more lines are too long
2
dist/core-twofactor-request-token.js
vendored
Normal file
2
dist/core-twofactor-request-token.js
vendored
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
(()=>{"use strict";var e,r={28798:(e,r,t)=>{var o=t(21777),n=t(63814);document.addEventListener("DOMContentLoaded",(()=>{(0,o.zo)((e=>{const r=window.document.getElementById("cancel-login");if(!r)return;const t=r.getAttribute("href");if(!t)return;const o=new URL(t,(0,n.$_)());o.searchParams.set("requesttoken",e),r.setAttribute("href",o.pathname+o.search)}))}))}},t={};function o(e){var n=t[e];if(void 0!==n)return n.exports;var i=t[e]={id:e,loaded:!1,exports:{}};return r[e].call(i.exports,i,i.exports,o),i.loaded=!0,i.exports}o.m=r,e=[],o.O=(r,t,n,i)=>{if(!t){var a=1/0;for(u=0;u<e.length;u++){t=e[u][0],n=e[u][1],i=e[u][2];for(var l=!0,d=0;d<t.length;d++)(!1&i||a>=i)&&Object.keys(o.O).every((e=>o.O[e](t[d])))?t.splice(d--,1):(l=!1,i<a&&(a=i));if(l){e.splice(u--,1);var s=n();void 0!==s&&(r=s)}}return r}i=i||0;for(var u=e.length;u>0&&e[u-1][2]>i;u--)e[u]=e[u-1];e[u]=[t,n,i]},o.n=e=>{var r=e&&e.__esModule?()=>e.default:()=>e;return o.d(r,{a:r}),r},o.d=(e,r)=>{for(var t in r)o.o(r,t)&&!o.o(e,t)&&Object.defineProperty(e,t,{enumerable:!0,get:r[t]})},o.e=()=>Promise.resolve(),o.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),o.o=(e,r)=>Object.prototype.hasOwnProperty.call(e,r),o.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},o.nmd=e=>(e.paths=[],e.children||(e.children=[]),e),o.j=2138,(()=>{o.b=document.baseURI||self.location.href;var e={2138:0};o.O.j=r=>0===e[r];var r=(r,t)=>{var n,i,a=t[0],l=t[1],d=t[2],s=0;if(a.some((r=>0!==e[r]))){for(n in l)o.o(l,n)&&(o.m[n]=l[n]);if(d)var u=d(o)}for(r&&r(t);s<a.length;s++)i=a[s],o.o(e,i)&&e[i]&&e[i][0](),e[i]=0;return o.O(u)},t=self.webpackChunknextcloud=self.webpackChunknextcloud||[];t.forEach(r.bind(null,0)),t.push=r.bind(null,t.push.bind(t))})(),o.nc=void 0;var n=o.O(void 0,[4208],(()=>o(28798)));n=o.O(n)})();
|
||||
//# sourceMappingURL=core-twofactor-request-token.js.map?v=4553367a21c16997c57f
|
||||
36
dist/core-twofactor-request-token.js.license
vendored
Normal file
36
dist/core-twofactor-request-token.js.license
vendored
Normal file
|
|
@ -0,0 +1,36 @@
|
|||
SPDX-License-Identifier: MIT
|
||||
SPDX-License-Identifier: ISC
|
||||
SPDX-License-Identifier: GPL-3.0-or-later
|
||||
SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
SPDX-FileCopyrightText: Tobias Koppers @sokra
|
||||
SPDX-FileCopyrightText: Roman Shtylman <shtylman@gmail.com>
|
||||
SPDX-FileCopyrightText: Nextcloud GmbH and Nextcloud contributors
|
||||
SPDX-FileCopyrightText: GitHub Inc.
|
||||
SPDX-FileCopyrightText: Christoph Wurst
|
||||
|
||||
|
||||
This file is generated from multiple sources. Included packages:
|
||||
- @nextcloud/auth
|
||||
- version: 2.5.1
|
||||
- license: GPL-3.0-or-later
|
||||
- @nextcloud/browser-storage
|
||||
- version: 0.4.0
|
||||
- license: GPL-3.0-or-later
|
||||
- semver
|
||||
- version: 7.6.3
|
||||
- license: ISC
|
||||
- @nextcloud/event-bus
|
||||
- version: 3.3.2
|
||||
- license: GPL-3.0-or-later
|
||||
- @nextcloud/router
|
||||
- version: 3.0.1
|
||||
- license: GPL-3.0-or-later
|
||||
- process
|
||||
- version: 0.11.10
|
||||
- license: MIT
|
||||
- webpack
|
||||
- version: 5.99.9
|
||||
- license: MIT
|
||||
- nextcloud
|
||||
- version: 1.0.0
|
||||
- license: AGPL-3.0-or-later
|
||||
1
dist/core-twofactor-request-token.js.map
vendored
Normal file
1
dist/core-twofactor-request-token.js.map
vendored
Normal file
File diff suppressed because one or more lines are too long
1
dist/core-twofactor-request-token.js.map.license
vendored
Symbolic link
1
dist/core-twofactor-request-token.js.map.license
vendored
Symbolic link
|
|
@ -0,0 +1 @@
|
|||
core-twofactor-request-token.js.license
|
||||
|
|
@ -27,6 +27,7 @@ module.exports = {
|
|||
'unsupported-browser': path.join(__dirname, 'core/src', 'unsupported-browser.js'),
|
||||
'unsupported-browser-redirect': path.join(__dirname, 'core/src', 'unsupported-browser-redirect.js'),
|
||||
public: path.join(__dirname, 'core/src', 'public.ts'),
|
||||
'twofactor-request-token': path.join(__dirname, 'core/src', 'twofactor-request-token.ts'),
|
||||
},
|
||||
dashboard: {
|
||||
main: path.join(__dirname, 'apps/dashboard/src', 'main.js'),
|
||||
|
|
|
|||
Loading…
Reference in a new issue