Make redirect_uri verification optional because many IndieAuth clients don't implement it - show a stylish icon to convey whether the client was verified

This commit is contained in:
Danielle McLean 2017-10-29 19:15:29 +11:00
parent 3c95eeeefb
commit e5d3af1b51
Signed by: 00dani
GPG key ID: 5A5D2D1AFF12EEC5
8 changed files with 63 additions and 9 deletions

View file

@ -2,3 +2,14 @@
img img
height 2em height 2em
margin-right .5em margin-right .5em
.tippy-tooltip
&.success-theme
color $base0B
background-color $base03
&.warning-theme
color $base0A
background-color $base03
.verified-success
color $base0B
.verified-warning
color $base0A

View file

@ -1,5 +1,5 @@
{% extends 'lemoncurry/layout.html' %} {% extends 'lemoncurry/layout.html' %}
{% load static %} {% load markdown static %}
{% block styles %} {% block styles %}
<link rel="stylesheet" type="text/stylus" href="{% static 'lemonauth/css/indie.styl' %}" /> <link rel="stylesheet" type="text/stylus" href="{% static 'lemonauth/css/indie.styl' %}" />
@ -13,6 +13,11 @@
sign in to sign in to
{% if app %}{{ app.name | first }}{% endif %} {% if app %}{{ app.name | first }}{% endif %}
{% if app %}({% endif %}<a class="u-url code{% if not app %} p-name{% endif %}" href="{{ params.client_id }}">{{ params.client_id }}</a>{% if app %}){% endif %}? {% if app %}({% endif %}<a class="u-url code{% if not app %} p-name{% endif %}" href="{{ params.client_id }}">{{ params.client_id }}</a>{% if app %}){% endif %}?
{% if verified %}
<i class="fa fa-check-circle verified-success" data-tooltip data-theme="success" data-html="#verified-success"></i>
{% else %}
<i class="fa fa-question-circle verified-warning" data-tooltip data-theme="warning" data-html="#verified-warning"></i>
{% endif %}
</h4> </h4>
<div class="card-body"> <div class="card-body">
@ -35,4 +40,16 @@
<input name="response_type" type="hidden" value="{{ params.response_type }}" /> <input name="response_type" type="hidden" value="{{ params.response_type }}" />
</form> </form>
</div> </div>
<div id="verified-success" hidden>
this client has been <strong>verified</strong> using <code>{{ '<link rel="redirect_uri">' | force_escape }}</code> - they are who they claim to be!
</div>
<div id="verified-warning" hidden>
this client could <strong>not</strong> be verified using <code>{{ '<link rel="redirect_uri">' | force_escape }}</code> - check the redirect uri carefully yourself!
</div>
{% endblock %}
{% block foot %}
<script type="text/javascript">
tippy('[data-tooltip]', {arrow: true});
</script>
{% endblock %} {% endblock %}

View file

@ -58,18 +58,20 @@ class IndieView(TemplateView):
rels = (client.to_dict()['rel-urls'] rels = (client.to_dict()['rel-urls']
.get(params['redirect_uri'], {}) .get(params['redirect_uri'], {})
.get('rels', ())) .get('rels', ()))
if 'redirect_uri' not in rels: verified = 'redirect_uri' in rels
return HttpResponseBadRequest(
'your redirect_uri is not published on your client_id page',
content_type='text/plain'
)
try: try:
app = client.to_dict(filter_by_type='h-x-app')[0]['properties'] app = client.to_dict(filter_by_type='h-x-app')[0]['properties']
except IndexError: except IndexError:
app = None app = None
return {'app': app, 'me': me, 'params': params, 'title': 'indieauth'} return {
'app': app,
'me': me,
'verified': verified,
'params': params,
'title': 'indieauth',
}
def post(self, request): def post(self, request):
post = request.POST.dict() post = request.POST.dict()

View file

@ -11,8 +11,15 @@ module.exports = function() {
return function(style) { return function(style) {
for (let i = 0; i < 16; i++) { for (let i = 0; i < 16; i++) {
const key = 'base0' + i.toString(16).toUpperCase(); const key = 'base0' + i.toString(16).toUpperCase();
const hex = theme[key];
const colour = new stylus.nodes.RGBA(
parseInt(hex.substr(0, 2), 16),
parseInt(hex.substr(2, 2), 16),
parseInt(hex.substr(4, 2), 16),
1
);
style.define('$' + key, new stylus.nodes.Literal('#' + theme[key])); style.define('$' + key, colour);
} }
}; };
}; };

1
lemoncurry/static/tippy.js Symbolic link
View file

@ -0,0 +1 @@
../../node_modules/tippy.js/dist

View file

@ -24,6 +24,7 @@
integrity="sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb" crossorigin="anonymous" /> integrity="sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb" crossorigin="anonymous" />
{% compress css %} {% compress css %}
<link rel="stylesheet" type="text/css" href={% static 'openwebicons/css/openwebicons.css' %} /> <link rel="stylesheet" type="text/css" href={% static 'openwebicons/css/openwebicons.css' %} />
<link rel="stylesheet" type="text/css" href={% static 'tippy.js/tippy.css' %} />
<link rel="stylesheet" type="text/stylus" href="{% static 'lemoncurry/css/layout.styl' %}" /> <link rel="stylesheet" type="text/stylus" href="{% static 'lemoncurry/css/layout.styl' %}" />
{% block styles %}{% endblock %} {% block styles %}{% endblock %}
{% endcompress %} {% endcompress %}
@ -64,5 +65,9 @@
integrity="sha384-vFJXuSJphROIrBnz7yo7oB41mKfc8JzQZiCq4NCceLEaO4IHwicKwpJf9c9IpFgh"></script> integrity="sha384-vFJXuSJphROIrBnz7yo7oB41mKfc8JzQZiCq4NCceLEaO4IHwicKwpJf9c9IpFgh"></script>
<script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js" crossorigin="anonymous" <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/js/bootstrap.min.js" crossorigin="anonymous"
integrity="sha384-alpBpkh1PFOepccYVYDB4do5UnbKysX5WZXm3XxPqe5iKTfUKjNkCk9SaVuEZflJ"></script> integrity="sha384-alpBpkh1PFOepccYVYDB4do5UnbKysX5WZXm3XxPqe5iKTfUKjNkCk9SaVuEZflJ"></script>
{% compress js %}
<script src="{% static 'tippy.js/tippy.standalone.js' %}"></script>
{% block foot %}{% endblock %}
{% endcompress %}
</body> </body>
</html> </html>

View file

@ -8,6 +8,7 @@
"stylus": "^0.54.5" "stylus": "^0.54.5"
}, },
"dependencies": { "dependencies": {
"openwebicons": "^1.4.3" "openwebicons": "^1.4.3",
"tippy.js": "^1.4.1"
} }
} }

View file

@ -108,6 +108,10 @@ path-is-absolute@^1.0.0:
version "1.0.1" version "1.0.1"
resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f" resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
popper.js@^1.12.4:
version "1.12.6"
resolved "https://registry.yarnpkg.com/popper.js/-/popper.js-1.12.6.tgz#91e12a97b07815258b76915d64044e8ac053d426"
sax@0.5.x: sax@0.5.x:
version "0.5.8" version "0.5.8"
resolved "https://registry.yarnpkg.com/sax/-/sax-0.5.8.tgz#d472db228eb331c2506b0e8c15524adb939d12c1" resolved "https://registry.yarnpkg.com/sax/-/sax-0.5.8.tgz#d472db228eb331c2506b0e8c15524adb939d12c1"
@ -133,6 +137,12 @@ stylus@^0.54.5:
sax "0.5.x" sax "0.5.x"
source-map "0.1.x" source-map "0.1.x"
tippy.js@^1.4.1:
version "1.4.1"
resolved "https://registry.yarnpkg.com/tippy.js/-/tippy.js-1.4.1.tgz#a20831a53e40566825c0b3c6ad72afc30e97c6f5"
dependencies:
popper.js "^1.12.4"
wrappy@1: wrappy@1:
version "1.0.2" version "1.0.2"
resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f" resolved "https://registry.yarnpkg.com/wrappy/-/wrappy-1.0.2.tgz#b5243d8f3ec1aa35f1364605bc0d1036e30ab69f"