Error redirect mechanism

2026-01-16 00:34:15 +01:00 · 2023-09-26 15:04:04 +02:00
parent 6577800ab8
commit a078bb21ff
7 changed files with 78 additions and 7 deletions
--- a/src/flow/code-2.html
+++ b/src/flow/code-2.html
@@ -97,13 +97,16 @@
    <script src="../js/load-layout.js"></script>
    <script src="../js/cookies.js"></script>
    <script>
-        $("#queryParams").text(window.location.search)
-
        const urlParams = new URLSearchParams(window.location.search);
        const code = urlParams.get("code");
        const state = urlParams.get("state");
        const sentState = getCookie("state");

+        if (!code || !state || !sentState) {
+            window.location = "/flow/expired";
+        }
+
+        $("#queryParams").text(window.location.search)
        $("#state").text(state);
        $("#sent-state").text(sentState);
        $("#received-state").text(state);
--- a/src/flow/code-3.html
+++ b/src/flow/code-3.html
@@ -160,6 +160,10 @@
        const tokenEndpoint = baseUrl + "/token";
        const code = new URLSearchParams(window.location.search).get('code');

+        if (!code) {
+            window.location = "/flow/expired";
+        }
+
        function fillRequestExample() {
            const requestExample = 
                "grant_type=authorization_code" + "\n"
--- a/src/flow/dag-2.html
+++ b/src/flow/dag-2.html
@@ -206,12 +206,17 @@
    <script src="../js/env-config.js"></script>
    <script>
        const tokenUrl = baseUrl + "/token"
-        const dagResponse = JSON.parse(getCookie("dag_response"));
+        var dagResponse;
+
+        try {
+            dagResponse = JSON.parse(getCookie("dag_response"));
+        } catch(e) {
+            window.location = "/flow/expired";
+        }
+
        var pollingInterval = null;
        var pollingAnimationInterval = null;

-        console.debug(dagResponse);
-
        function showUserPanel() {
            $("#line-2").removeClass("line-inactive");
            $("#circle-3").removeClass("circle-inactive");
--- a/src/flow/expired.html
+++ b/src/flow/expired.html
@@ -0,0 +1,48 @@
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>OAuth 2.0 Playground - Flow expired</title>
+    <link rel="icon" href="../favicon.ico" type="image/x-icon">
+    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css">
+    <link type="text/css" rel="stylesheet" href="../css/style.css" />
+    <link rel="preconnect" href="https://fonts.googleapis.com" />
+    <link rel="preconnect" href="https://fonts.gstatic.com" crossorigin />
+    <link rel="stylesheet"
+        href="https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;600;700&display=swap" />
+    <link rel="stylesheet" href="https://fonts.googleapis.com/icon?family=Material+Icons" />
+    <script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
+    <script src="https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js"></script>
+</head>
+
+<body>
+    <header id="page-header"></header>
+    <main>
+        <div class="container">
+            <div class="section">
+                <div class="col s12 m7">
+                    <div class="card horizontal">
+                        <div class="card-stacked">
+                            <div class="card-content">
+                                <h5>Your flow has expired</h5>
+                                <p>
+                                    Flow could not continue as it was missing vital information. This can be caused by not performing the flow before codes and/or cookies expire, or by manually navigating to section of a flow, before finishing previous steps. <b>Please start the flow again.</b>
+                                </p>
+                                <div class="row flow-submit-container">
+                                    <a class="waves-effect waves-light btn full-width"
+                                        href="/">Start over</a>
+                                </div>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </main>
+    <footer class="page-footer"></footer>
+    <script src="../js/load-layout.js"></script>
+</body>
+
+</html>
--- a/src/flow/pkce-2.html
+++ b/src/flow/pkce-2.html
@@ -186,6 +186,10 @@
        const state = generateSessionState();
        const codeChallenge = getCookie("code_challenge");

+        if (!codeChallenge) {
+            window.location = "/flow/expired";
+        }
+
        setCookie("pkce-state", state, 5);
        fillExample();
        $("#sendRequestBtn").attr("href", constructRequestUrl());
--- a/src/flow/pkce-3.html
+++ b/src/flow/pkce-3.html
@@ -110,13 +110,16 @@
    <script src="../js/load-layout.js"></script>
    <script src="../js/cookies.js"></script>
    <script>
-        $("#queryParams").text(window.location.search)
-
        const urlParams = new URLSearchParams(window.location.search);
        const code = urlParams.get('code');
        const state = urlParams.get('state');
        const sentState = getCookie("pkce-state");

+        if (!code || !state || !sentState) {
+            window.location = "/flow/expired";
+        }
+
+        $("#queryParams").text(window.location.search)
        $("#state").text(state);
        $("#sent-state").text(sentState);
        $("#received-state").text(state);
--- a/src/flow/pkce-4.html
+++ b/src/flow/pkce-4.html
@@ -175,6 +175,10 @@
        const code = new URLSearchParams(window.location.search).get('code');
        const codeVerifier = getCookie("code_verifier");

+        if (!code || !codeVerifier) {
+            window.location = "/flow/expired";
+        }
+
        function fillRequestExample() {
            const requestExample = 
                "grant_type=authorization_code" + "\n"