janhoy commented on code in PR #1791: URL: https://github.com/apache/solr/pull/1791#discussion_r1301664112
########## solr/webapp/web/js/angular/services.js: ########## @@ -286,8 +286,74 @@ solrAdminServices.factory('System', }) }]) .factory('AuthenticationService', - ['base64', function (base64) { - var service = {}; + ['base64', '$resource', function (base64, $resource) { + var service = {}; + + service.getOAuthTokens = function (url, data) { + var serializedData = serialize(data); + var resource = $resource(url, {}, { + getToken: { + method: 'POST', + timeout: 10000, + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + 'X-Requested-With': undefined // Set this header to undefined to prevent preflight requests + }, + transformResponse: function (data) { + return angular.fromJson(data); + } + } + }); + return resource.getToken({}, serializedData).$promise; + }; + + var codeChallengeMethod = "S256"; + service.getCodeChallengeMethod = function getCodeChallengeMethod() { + return codeChallengeMethod; + } + + service.generateCodeVerifier = function generateCodeVerifier() { + var codeVerifier = ''; + var possibleChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~'; + for (var i = 0; i < 96; i++) { + codeVerifier += possibleChars.charAt(Math.floor(Math.random() * possibleChars.length)); + } + return codeVerifier; + } + + service.generateCodeChallengeFromVerifier = async function generateCodeChallengeFromVerifier(v) { + var hashed = await sha256(v); + var base64encoded = base64urlencode(hashed); + return base64encoded; + } + + function sha256(str) { + const encoder = new TextEncoder(); + return window.crypto.subtle.digest("SHA-256", encoder.encode(str)); Review Comment: I'd prefer if we don't introduce a hard requirement for SSL on Solr when doing JWT, in this PR, as people may be running dev and test envs in this mode. But if it is very hard to avoid we can document our way out of this in upgrade notes... -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org