Skip to content

Commit 6999dbf

Browse files
authored
Add support for popup and auth configuration (#18)
* Add support for popup and auth configuration * Update version
1 parent 55b2e17 commit 6999dbf

File tree

5 files changed

+78
-17
lines changed

5 files changed

+78
-17
lines changed

README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ npm install --save-dev dropbox-oauth-popup
4141
Or you can use it directly in your browser be including the following tag
4242

4343
```
44-
<script src="https://cdn.jsdelivr.net/npm/dropbox-oauth-popup@1.3.1"></script>
44+
<script src="https://cdn.jsdelivr.net/npm/dropbox-oauth-popup@1.4.0"></script>
4545
```
4646

4747
## License

examples/browser.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@
55
<script src="https://cdn.jsdelivr.net/npm/promise-polyfill@7/dist/polyfill.min.js"></script>
66
<script src="https://cdnjs.cloudflare.com/ajax/libs/fetch/2.0.3/fetch.js"></script>
77
<script src="https://cdn.jsdelivr.net/npm/dropbox/dist/Dropbox-sdk.js"></script>
8-
<script src="https://cdn.jsdelivr.net/npm/dropbox-oauth-popup@1.3.1/dist/dropboxPopup.js"></script>
8+
<script src="https://cdn.jsdelivr.net/npm/dropbox-oauth-popup@1.4.0/dist/dropboxPopup.js"></script>
99
</head>
1010

1111
<body>

package.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"name": "dropbox-oauth-popup",
3-
"version": "1.3.1",
3+
"version": "1.4.0",
44
"registry": "npm",
55
"description": "This is a simple addition built onto the Dropbox SDK that allows for OAuth in the browser to be done via a popup window.",
66
"homepage": "https://github.com/rogebrd/dropbox-oauth-popup",

src/dropboxPopup.js

Lines changed: 55 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -17,8 +17,15 @@ function dispatchResult() {
1717

1818
window.addEventListener('load', dispatchResult);
1919

20-
const popupFeatures = 'toolbar=no, menubar=no, width=600, height=800, top=100, left=100';
21-
const popupName = 'Dropbox OAuth';
20+
const windowName = 'Dropbox OAuth';
21+
const defaultWindowOptions = {
22+
toolbar: 'no',
23+
menubar: 'no',
24+
width: 600,
25+
height: 800,
26+
top: 100,
27+
left: 100,
28+
};
2229

2330
/**
2431
* @class DropboxPopup
@@ -27,16 +34,57 @@ const popupName = 'Dropbox OAuth';
2734
* @param {string} [options.clientId] - The client id for your app.
2835
* @param {string} [options.clientSecret] - The client secret for your app.
2936
* @param {string} [options.redirectUri] - The redirect Uri to return to once auth is complete.
37+
* @param {string} [options.tokenAccessType] - type of token to request. From the following:
38+
* legacy - creates one long-lived token with no expiration
39+
* online - create one short-lived token with an expiration
40+
* offline - create one short-lived token with an expiration with a refresh token
41+
* @param {Array<string>} [options.scope] - scopes to request for the grant
42+
* @param {string} [options.includeGrantedScopes] - whether or not to include
43+
* previously granted scopes.
44+
* From the following:
45+
* user - include user scopes in the grant
46+
* team - include team scopes in the grant
47+
* Note: if this user has never linked the app, include_granted_scopes must be None
48+
* @param {boolean} [options.usePKCE] - Whether or not to use Sha256 based PKCE.
49+
* PKCE should be only use on client apps which doesn't call your server.
50+
* It is less secure than non-PKCE flow but can be used if you are unable to safely
51+
* retrieve your app secret
52+
* @param {object} windowOptions
53+
* @param {number} [windowOptions.width] - The width of the popup window in pixels.
54+
* @param {number} [windowOptions.height] - The height of the popup window in pixels.
55+
* @param {number} [windowOptions.top] - The number of pixels from the top of the screen.
56+
* @param {number} [windowOptions.left] - The number of pixels from the left side of the screen.
57+
* @param {object} [windowOptions.additionalParams] - Any additional parameters desired to be used
58+
* with the window.open() command. Note, by default, we add the parameters toolbar=no and menubar=no
59+
* in order to ensure this opens as a popup.
3060
*/
3161
export default class DropboxPopup {
32-
constructor(options) {
62+
constructor(options, windowOptions) {
3363
this.clientId = options.clientId;
34-
this.clientSecret = options.clientSecret;
64+
this.redirectUri = options.redirectUri;
65+
this.clientSecret = options.clientSecret || '';
66+
this.tokenAccessType = options.tokenAccessType || 'offline';
67+
this.scope = options.scope || null;
68+
this.includeGrantedScopes = options.includeGrantedScopes || 'none';
69+
this.usePKCE = options.usePKCE || false;
70+
3571
this.authObject = new DropboxAuth({
3672
clientId: this.clientId,
3773
clientSecret: this.clientSecret,
3874
});
39-
this.redirectUri = options.redirectUri;
75+
76+
this.state = Math.random().toString(36).substring(7);
77+
78+
// Set window options with format of key=value,key=value...
79+
const overlayedWindowOptions = Object.assign(defaultWindowOptions, windowOptions);
80+
this.windowOptions = '';
81+
Object.keys(overlayedWindowOptions).forEach((key) => {
82+
if (this.windowOptions === '') {
83+
this.windowOptions = `${key}=${overlayedWindowOptions[key]}`;
84+
} else {
85+
this.windowOptions = this.windowOptions.concat(`, ${key}=${overlayedWindowOptions[key]}`);
86+
}
87+
});
4088
}
4189

4290
/**
@@ -49,8 +97,8 @@ export default class DropboxPopup {
4997
window.removeEventListener('message', this.handleRedirect);
5098
this.callback = callback;
5199
this.callback.bind(this);
52-
const authUrl = this.authObject.getAuthenticationUrl(this.redirectUri, '', 'code', 'offline');
53-
const popupWindow = window.open(authUrl, popupName, popupFeatures);
100+
const authUrl = this.authObject.getAuthenticationUrl(this.redirectUri, this.state, 'code', this.tokenAccessType, this.scope, this.includeGrantedScopes, this.usePKCE);
101+
const popupWindow = window.open(authUrl, windowName, this.windowOptions);
54102
popupWindow.focus();
55103

56104
window.addEventListener('message', (event) => this.handleRedirect(event), false);

test/static/index.html

Lines changed: 20 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,6 @@
22
<html>
33

44
<head>
5-
<script rel="stylesheet" src="styles.css"></script>
65
<script src="https://cdn.jsdelivr.net/npm/promise-polyfill@7/dist/polyfill.min.js"></script>
76
<script src="https://cdnjs.cloudflare.com/ajax/libs/fetch/2.0.3/fetch.js"></script>
87
<script src="https://cdn.jsdelivr.net/npm/dropbox/dist/Dropbox-sdk.js"></script>
@@ -11,24 +10,38 @@
1110

1211
<body>
1312
<div>
14-
<h1>Dropbox OAuth Popup Window Example</h1>
13+
<h1>Dropbox OAuth Popup Window</h1>
14+
<p>
15+
See the Dropbox OAuth Popup Window in action by clicking the run example button.
16+
This example will authenticate with your Dropbox account and use the token to fetch
17+
the current account using the `users.getCurrentAccount` endpoint. (Note, nothing is
18+
saved, this is just a demo.)
19+
</p>
20+
<p>See the code on <a
21+
href="https://github.com/rogebrd/dropbox-oauth-popup/blob/main/examples/browser.html">GitHub</a></p>
1522
<button onclick="runAuth()">Run Example</button>
1623
<p id="result"></p>
1724
<script>
1825
const popup = new DropboxPopup({
19-
clientId: 'XXXXXXXXXX',
20-
clientSecret: 'XXXXXXXXXX',
21-
redirectUri: 'https://XXXXXXXXXX'
26+
clientId: 'a04f1ghft6a45rn',
27+
clientSecret: 'tbjemcamktbyiy9',
28+
redirectUri: 'http://localhost:8080'
29+
}, {
30+
height: 600,
31+
width: 400,
32+
top: 100,
33+
left: 100
2234
});
2335
function runAuth() {
36+
document.getElementById("result").innerHTML = "Waiting for auth...";
2437
popup.authUser((auth) => {
2538
const dbx = new Dropbox.Dropbox(auth);
2639
dbx.usersGetCurrentAccount()
2740
.then((response) => {
28-
document.getElementById("result").innerHTML = result.result;
41+
document.getElementById("result").innerHTML = JSON.stringify(response.result);
2942
})
3043
.catch((error) => {
31-
console.error(error);
44+
document.getElementById("result").innerHTML = error;
3245
});
3346
});
3447
}

0 commit comments

Comments
 (0)