Browse Source

Make redirect_uri verification optional because many IndieAuth clients don't implement it - show a stylish icon to convey whether the client was verified

tags/v1.5.1
Danielle McLean 1 year ago
parent
commit
e5d3af1b51
Signed by: Danielle McLean <dani@00dani.me> GPG Key ID: 5A5D2D1AFF12EEC5

+ 11
- 0
lemonauth/static/lemonauth/css/indie.styl View File

@@ -2,3 +2,14 @@
2 2
 	img
3 3
 		height 2em
4 4
 		margin-right .5em
5
+.tippy-tooltip
6
+	&.success-theme
7
+		color $base0B
8
+		background-color $base03
9
+	&.warning-theme
10
+		color $base0A
11
+		background-color $base03
12
+.verified-success
13
+	color $base0B
14
+.verified-warning
15
+	color $base0A

+ 18
- 1
lemonauth/templates/lemonauth/indie.html View File

@@ -1,5 +1,5 @@
1 1
 {% extends 'lemoncurry/layout.html' %}
2
-{% load static %}
2
+{% load markdown static %}
3 3
 
4 4
 {% block styles %}
5 5
 <link rel="stylesheet" type="text/stylus" href="{% static 'lemonauth/css/indie.styl' %}" />
@@ -13,6 +13,11 @@
13 13
 			sign in to
14 14
 			{% if app %}{{ app.name | first }}{% endif %}
15 15
 			{% if app %}({% endif %}<a class="u-url code{% if not app %} p-name{% endif %}" href="{{ params.client_id }}">{{ params.client_id }}</a>{% if app %}){% endif %}?
16
+			{% if verified %}
17
+			<i class="fa fa-check-circle verified-success" data-tooltip data-theme="success" data-html="#verified-success"></i>
18
+			{% else %}
19
+			<i class="fa fa-question-circle verified-warning" data-tooltip data-theme="warning" data-html="#verified-warning"></i>
20
+			{% endif %}
16 21
 		</h4>
17 22
 
18 23
 		<div class="card-body">
@@ -35,4 +40,16 @@
35 40
 		<input name="response_type" type="hidden" value="{{ params.response_type }}" />
36 41
 	</form>
37 42
 </div>
43
+
44
+<div id="verified-success" hidden>
45
+	this client has been <strong>verified</strong> using <code>{{ '<link rel="redirect_uri">' | force_escape }}</code> - they are who they claim to be!
46
+</div>
47
+<div id="verified-warning" hidden>
48
+	this client could <strong>not</strong> be verified using <code>{{ '<link rel="redirect_uri">' | force_escape }}</code> - check the redirect uri carefully yourself!
49
+</div>
50
+{% endblock %}
51
+{% block foot %}
52
+<script type="text/javascript">
53
+	tippy('[data-tooltip]', {arrow: true});
54
+</script>
38 55
 {% endblock %}

+ 8
- 6
lemonauth/views/indie.py View File

@@ -58,18 +58,20 @@ class IndieView(TemplateView):
58 58
         rels = (client.to_dict()['rel-urls']
59 59
                 .get(params['redirect_uri'], {})
60 60
                 .get('rels', ()))
61
-        if 'redirect_uri' not in rels:
62
-            return HttpResponseBadRequest(
63
-                'your redirect_uri is not published on your client_id page',
64
-                content_type='text/plain'
65
-            )
61
+        verified = 'redirect_uri' in rels
66 62
 
67 63
         try:
68 64
             app = client.to_dict(filter_by_type='h-x-app')[0]['properties']
69 65
         except IndexError:
70 66
             app = None
71 67
 
72
-        return {'app': app, 'me': me, 'params': params, 'title': 'indieauth'}
68
+        return {
69
+            'app': app,
70
+            'me': me,
71
+            'verified': verified,
72
+            'params': params,
73
+            'title': 'indieauth',
74
+        }
73 75
 
74 76
     def post(self, request):
75 77
         post = request.POST.dict()

+ 8
- 1
lemoncurry/static/lemoncurry/css/theme.js View File

@@ -11,8 +11,15 @@ module.exports = function() {
11 11
 	return function(style) {
12 12
 		for (let i = 0; i < 16; i++) {
13 13
 			const key = 'base0' + i.toString(16).toUpperCase();
14
+			const hex = theme[key];
15
+			const colour = new stylus.nodes.RGBA(
16
+				parseInt(hex.substr(0, 2), 16),
17
+				parseInt(hex.substr(2, 2), 16),
18
+				parseInt(hex.substr(4, 2), 16),
19
+				1
20
+			);
14 21
 
15
-			style.define('$' + key, new stylus.nodes.Literal('#' + theme[key]));
22
+			style.define('$' + key, colour);
16 23
 		}
17 24
 	};
18 25
 };

+ 1
- 0
lemoncurry/static/tippy.js View File

@@ -0,0 +1 @@
1
+../../node_modules/tippy.js/dist

+ 5
- 0
lemoncurry/templates/lemoncurry/layout.html View File

@@ -24,6 +24,7 @@
24 24
 					integrity="sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb" crossorigin="anonymous" />
25 25
 		{% compress css %}
26 26
 		<link rel="stylesheet" type="text/css" href={% static 'openwebicons/css/openwebicons.css' %} />
27
+		<link rel="stylesheet" type="text/css" href={% static 'tippy.js/tippy.css' %} />
27 28
 		<link rel="stylesheet" type="text/stylus" href="{% static 'lemoncurry/css/layout.styl' %}" />
28 29
 		{% block styles %}{% endblock %}
29 30
 		{% endcompress %}
@@ -64,5 +65,9 @@
64 65
 						integrity="sha384-vFJXuSJphROIrBnz7yo7oB41mKfc8JzQZiCq4NCceLEaO4IHwicKwpJf9c9IpFgh"></script>
65 66
 		<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js" crossorigin="anonymous"
66 67
 						integrity="sha384-alpBpkh1PFOepccYVYDB4do5UnbKysX5WZXm3XxPqe5iKTfUKjNkCk9SaVuEZflJ"></script>
68
+		{% compress js %}
69
+		<script src="{% static 'tippy.js/tippy.standalone.js' %}"></script>
70
+		{% block foot %}{% endblock %}
71
+		{% endcompress %}
67 72
 	</body>
68 73
 </html>

+ 2
- 1
package.json View File

@@ -8,6 +8,7 @@
8 8
 		"stylus": "^0.54.5"
9 9
 	},
10 10
 	"dependencies": {
11
-		"openwebicons": "^1.4.3"
11
+		"openwebicons": "^1.4.3",
12
+		"tippy.js": "^1.4.1"
12 13
 	}
13 14
 }

+ 10
- 0
yarn.lock View File

@@ -108,6 +108,10 @@ path-is-absolute@^1.0.0:
108 108
   version "1.0.1"
109 109
   resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
110 110
 
111
+popper.js@^1.12.4:
112
+  version "1.12.6"
113
+  resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.12.6.tgz#91e12a97b07815258b76915d64044e8ac053d426"
114
+
111 115
 sax@0.5.x:
112 116
   version "0.5.8"
113 117
   resolved "https://registry.yarnpkg.com/sax/-/sax-0.5.8.tgz#d472db228eb331c2506b0e8c15524adb939d12c1"
@@ -133,6 +137,12 @@ stylus@^0.54.5:
133 137
     sax "0.5.x"
134 138
     source-map "0.1.x"
135 139
 
140
+tippy.js@^1.4.1:
141
+  version "1.4.1"
142
+  resolved "https://registry.yarnpkg.com/tippy.js/-/tippy.js-1.4.1.tgz#a20831a53e40566825c0b3c6ad72afc30e97c6f5"
143
+  dependencies:
144
+    popper.js "^1.12.4"
145
+
136 146
 wrappy@1:
137 147
   version "1.0.2"
138 148
   resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"

Loading…
Cancel
Save