zcatalyst-cli 1.16.1 → 1.16.2
|
@@ -31,6 +31,7 @@ const fs_1 = require("../util_modules/fs");
|
|
|
31
31
|
const js_1 = require("../util_modules/js");
|
|
32
32
|
const logger_1 = require("../util_modules/logger");
|
|
33
33
|
const option_1 = require("../util_modules/option");
|
|
34
|
+
const crypto_1 = require("crypto");
|
|
34
35
|
exports.missingScopes = {
|
|
35
36
|
[constants_1.DC_TYPE.au.value]: ['quick_ml'],
|
|
36
37
|
[constants_1.DC_TYPE.eu.value]: ['quick_ml']
|
|
@@ -58,7 +59,7 @@ class Login {
|
|
|
58
59
|
_getCallbackUrl(port) {
|
|
59
60
|
return 'http://localhost:' + port;
|
|
60
61
|
}
|
|
61
|
-
_getLoginUrl(callbackUrl) {
|
|
62
|
+
_getLoginUrl(callbackUrl, state) {
|
|
62
63
|
return (constants_1.ORIGIN.auth +
|
|
63
64
|
'/oauth/v2/auth?' +
|
|
64
65
|
js_1.JS.map({
|
|
@@ -67,7 +68,8 @@ class Login {
|
|
|
67
68
|
response_type: 'code',
|
|
68
69
|
access_type: 'offline',
|
|
69
70
|
prompt: 'consent',
|
|
70
|
-
redirect_uri: callbackUrl
|
|
71
|
+
redirect_uri: callbackUrl,
|
|
72
|
+
state
|
|
71
73
|
}, (v, k) => {
|
|
72
74
|
return k + '=' + encodeURIComponent(v);
|
|
73
75
|
}).join('&'));
|
|
@@ -281,7 +283,8 @@ class Login {
|
|
|
281
283
|
var _a;
|
|
282
284
|
const dcRef = (_a = (0, dc_1.getActiveDCType)()) === null || _a === void 0 ? void 0 : _a.ref;
|
|
283
285
|
const callbackUrl = this._getCallbackUrl(port);
|
|
284
|
-
const
|
|
286
|
+
const nonce = encodeURIComponent((0, crypto_1.randomBytes)(16).toString());
|
|
287
|
+
const authUrl = this._getLoginUrl(callbackUrl, nonce);
|
|
285
288
|
let reqCount = 0;
|
|
286
289
|
const server = (0, http_1.createServer)((req, res) => __awaiter(this, void 0, void 0, function* () {
|
|
287
290
|
try {
|
|
@@ -296,6 +299,9 @@ class Login {
|
|
|
296
299
|
reqCount += 1;
|
|
297
300
|
const queryParamsObj = new url_1.URL(req.url, `http://${req.headers.host}`)
|
|
298
301
|
.searchParams;
|
|
302
|
+
if (queryParamsObj.get('state') !== nonce) {
|
|
303
|
+
throw new error_1.default('Invalid state param received.', { exit: 2 });
|
|
304
|
+
}
|
|
299
305
|
const code = queryParamsObj !== undefined && queryParamsObj.get('code');
|
|
300
306
|
const _location = queryParamsObj !== undefined && queryParamsObj.get('location');
|
|
301
307
|
const location = _location === 'dev' ? 'us' : _location;
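Review bot: The `nonce` added in the `@@ -281,7 +283,8 @@` hunk calls `randomBytes(16).toString()` with no encoding, so the random bytes are decoded as UTF-8 and every invalid sequence collapses to U+FFFD. That discards a good part of the 128 bits and can leave control characters in the OAuth `state` value. Encode the bytes explicitly with `const nonce = (0, crypto_1.randomBytes)(16).toString('hex');` and drop the `encodeURIComponent` wrapper, because `_getLoginUrl` already applies `encodeURIComponent` to every parameter and the value is currently encoded twice. Whether a stray request to the callback port without `state` should abort the whole login with `exit: 2` depends on handler code outside these hunks, so that is worth confirming.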
|
|
@@ -151,6 +151,9 @@ function spinUpMaster(listenPort, otherServerDetails) {
|
|
|
151
151
|
protocolRewrite: 'http'
|
|
152
152
|
})
|
|
153
153
|
.on('error', (err, req, res) => {
|
|
154
|
+
if (res.writableEnded) {
|
|
155
|
+
return;
|
|
156
|
+
}
|
|
154
157
|
if (res instanceof http_1.ServerResponse) {
|
|
155
158
|
res.writeHead(502, { 'Content-Type': 'json' });
|
|
156
159
|
}
|
|
@@ -160,6 +163,9 @@ function spinUpMaster(listenPort, otherServerDetails) {
|
|
|
160
163
|
console.error(err);
|
|
161
164
|
})
|
|
162
165
|
.on('econnreset', (err, req, res, targetUrl) => {
|
|
166
|
+
if (res.writableEnded) {
|
|
167
|
+
return;
|
|
168
|
+
}
|
|
163
169
|
if (res instanceof http_1.ServerResponse) {
|
|
164
170
|
res.writeHead(502, { 'Content-Type': 'json' });
|
|
165
171
|
}
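Review bot: The new `res.writableEnded` guard in the `'error'` and `'econnreset'` handlers only covers a response that has already ended. A response whose headers were sent but whose body is still open still reaches `res.writeHead(502, ...)`, which throws once headers are out. Checking it on the existing condition would close that gap: `if (res instanceof http_1.ServerResponse && !res.headersSent) {`. In the `'error'` handler the early `return` also skips the `console.error(err)` further down, so proxy errors that arrive after the response ended are no longer logged; logging before the `return` would keep them visible. Both handler bodies continue outside these hunks, so the unseen part may already handle some of this.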
|