From 5a83f932473b9a8524aea37314e95b9f248ab2c6 Mon Sep 17 00:00:00 2001 From: leonhartX Date: Sun, 3 Jan 2021 22:29:08 +0900 Subject: [PATCH 1/2] remove client secret --- options/options.html | 16 ++++++++-------- options/options.js | 14 +++++++++----- src/gas/script-api.js | 2 +- 3 files changed, 18 insertions(+), 14 deletions(-) diff --git a/options/options.html b/options/options.html index 9a7b930..cf2748b 100644 --- a/options/options.html +++ b/options/options.html @@ -22,11 +22,11 @@

Logged in as: XXX

repo and gist scope):

-

Grant Google oauth token (paste the result code here)
*or leave it empty to use Chrome login user(for Chrome only)

- + -->
@@ -45,11 +45,11 @@

Logged in as: XXX

or accessToken(with repo and gist scope):

-

Grant Google oauth key (paste the result code here)
*or leave it empty to use Chrome login user(for Chrome only)

- + -->
@@ -67,11 +67,11 @@

Logged in as: XXX

Please star this extension on Github @@ -88,11 +88,11 @@

Logged in as: XXX

or personal accessToken(with api scope):

-

Grant Google oauth token (paste the result code here)
*or leave it empty to use Chrome login user(for Chrome only)

- + -->

Please star this extension on Github diff --git a/options/options.js b/options/options.js index b9f80ac..f5ce139 100644 --- a/options/options.js +++ b/options/options.js @@ -86,7 +86,8 @@ function getGithubParam() { const scm = 'github'; const username = $('#username').val(); const token = $('#accesstoken').val(); - const apiKey = $('#api-key').val(); + // const apiKey = $('#api-key').val(); + const apiKey = null; const baseUrl = `https://api.github.com`; const otp = $('#otp').val(); return { @@ -104,7 +105,8 @@ function getGHEParam() { const username = $('#ghe-username').val(); const password = $('#ghe-password').val(); const token = $('#ghe-accesstoken').val(); - const apiKey = $('#ghe-api-key').val(); + // const apiKey = $('#ghe-api-key').val(); + const apiKey = null; const baseUrl = $('#ghe-url').val() + '/api/v3'; const otp = $('#ghe-otp').val(); return { @@ -122,7 +124,8 @@ function getBitbucketParam() { const scm = 'bitbucket'; const username = $('#bitbucket-email').val(); const password = $('#bitbucket-password').val(); - const apiKey = $('#bitbucket-api-key').val(); + // const apiKey = $('#bitbucket-api-key').val(); + const apiKey = null; const baseUrl = `https://api.bitbucket.org/2.0`; return { scm, @@ -139,7 +142,8 @@ function getGitLabParam() { const password = $('#gitlab-password').val(); const token = $('#gitlab-accesstoken').val(); const tokenType = (token && token.length > 0) ? 'personalToken' : 'oAuth'; - const apiKey = $('#gitlab-api-key').val(); + // const apiKey = $('#gitlab-api-key').val(); + const apiKey = null; const baseUrl = ($('#gitlab-url').val() || 'https://gitlab.com') + '/api/v4'; return { scm, @@ -164,7 +168,7 @@ function addCred(param) { const payload = { code: param.apiKey, client_id: "971735641612-am059p55sofdp30p2t4djecn72l6kmpf.apps.googleusercontent.com", - client_secret: "epw3f_WvEn0Uwqi6kE7DBQl7", + client_secret: __SECRET__, redirect_uri: "urn:ietf:wg:oauth:2.0:oob", grant_type: "authorization_code", access_type: "offline" diff --git a/src/gas/script-api.js b/src/gas/script-api.js index 858eb6a..ef0e5d8 100644 --- a/src/gas/script-api.js +++ b/src/gas/script-api.js @@ -142,7 +142,7 @@ class ScriptApi { const payload = { refresh_token: context.gapiRefreshToken, client_id: "971735641612-am059p55sofdp30p2t4djecn72l6kmpf.apps.googleusercontent.com", - client_secret: "epw3f_WvEn0Uwqi6kE7DBQl7", + client_secret: __SECRET__, redirect_uri: "urn:ietf:wg:oauth:2.0:oob", grant_type: "refresh_token", } From febe64da430ae96e86901b66028c66d3a0a15256 Mon Sep 17 00:00:00 2001 From: leonhartX Date: Sun, 3 Jan 2021 23:05:09 +0900 Subject: [PATCH 2/2] check auth when login --- options/options.js | 23 ++++++++++++++++++++++- src/gas-hub.js | 14 ++++++++++++-- 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/options/options.js b/options/options.js index f5ce139..891f39e 100644 --- a/options/options.js +++ b/options/options.js @@ -77,6 +77,9 @@ $(() => { $('#login-user').text(`${user}${domain}`).attr('href', userLink); $('#token').attr('href', tokenLink); }) + .then(() => { + auth(); + }) .catch(err => { //not logged in }) @@ -412,7 +415,7 @@ function loginGitLabToken(param) { } function logout() { - chrome.storage.sync.remove(['scm', 'token', 'user', 'baseUrl', 'googleApiKey'], () => { + chrome.storage.sync.remove(['scm', 'token', 'user', 'baseUrl', 'gapiToken', 'gapiRefreshToken'], () => { location.reload(); }); chrome.storage.local.get('tab', (item) => { @@ -447,4 +450,22 @@ function addStar(token) { }) .always(resolve); }) +} + +function auth() { + return new Promise((resolve, reject) => { + chrome.runtime.sendMessage({ + cmd: 'login', + interactive: true + }, token => { + if (token == null) { + reject("can not get oauth token, currently only support Chrome"); + } else { + chrome.storage.sync.set({ + "gapiToken": token + }); + resolve(token); + } + }); + }); } \ No newline at end of file diff --git a/src/gas-hub.js b/src/gas-hub.js index 4047c5c..62c771c 100644 --- a/src/gas-hub.js +++ b/src/gas-hub.js @@ -49,6 +49,9 @@ function load() { .then(updateBranch) .then(updateGist) .then(initPageEvent) + .catch((err) => { + showLog(err, LEVEL_ERROR); + }) break; case 'not match': break; @@ -342,8 +345,15 @@ function auth() { cmd: 'login', interactive: true }, token => { - context.gapiToken = token; - resolve(token); + if (token == null) { + reject("can not get oauth token, currently only support Chrome"); + } else { + context.gapiToken = token; + chrome.storage.sync.set({ + "gapiToken": token + }); + resolve(token); + } }); }); }