| OLD | NEW |
|---|
| (Empty) | |
| 1 <!-- |
| 2 Copyright 2017 The LUCI Authors. All rights reserved. |
| 3 Use of this source code is governed under the Apache License, Version 2.0 |
| 4 that can be found in the LICENSE file. |
| 5 |
| 6 The `auth-signin` element displays sign-in/sign-out button, user email and |
| 7 avatar. |
| 8 It has a google-signin/google-signin-aware element under the hood that handles |
| 9 the actual OAuth logic. |
| 10 |
| 11 Usage: |
| 12 |
| 13 <auth-signin></auth-signin> |
| 14 |
| 15 Properties: |
| 16 auth_headers: Object, Use this as an argument to sk.request to set oauth2 he
aders. |
| 17 auth_response: Object, The raw gapi.auth2.AuthResponse object. |
| 18 client_id: String, The client id to authenticate |
| 19 profile: Object, Read Only, The email address and imageurl of the logged in
user. |
| 20 signed_in: Boolean, Read Only, if the user is logged in. |
| 21 |
| 22 Methods: |
| 23 signIn(): Signs the user in by popping up the authorization dialog. |
| 24 signOut(): Signs the user out. |
| 25 |
| 26 Events: |
| 27 auth-signin: Fired when the oauth handshake has completed and a user has log
ged in. |
| 28 --> |
| 29 |
| 30 <link rel="import" href="../../common/third_party/google-signin/google-signin-aw
are.html"> |
| 31 <link rel="import" href="../../bower_components/polymer/polymer.html"> |
| 32 |
| 33 |
| 34 <dom-module id="auth-signin"> |
| 35 <template> |
| 36 <style> |
| 37 #avatar { |
| 38 border-radius: 5px; |
| 39 } |
| 40 |
| 41 a { |
| 42 color: white; |
| 43 } |
| 44 |
| 45 .center { |
| 46 vertical-align: middle; |
| 47 } |
| 48 |
| 49 .sign-in-font { |
| 50 color: black; |
| 51 } |
| 52 </style> |
| 53 |
| 54 <google-signin-aware id="aware" |
| 55 client-id="[[client_id]]" |
| 56 scopes="email" |
| 57 on-google-signin-aware-success="_onSignin" |
| 58 on-google-signin-aware-signed-out="_onSignout"> |
| 59 </google-signin-aware> |
| 60 |
| 61 <template is="dom-if" if="[[!signed_in]]"> |
| 62 <div id="signinContainer"> |
| 63 <!-- TODO(cwpayton): Before official deployment, change href to "/#/" --
> |
| 64 <a class="sign-in-font" on-tap="signIn" href="/newui#/">Sign in</a> |
| 65 </div> |
| 66 </template> |
| 67 |
| 68 <template is="dom-if" if="[[signed_in]]"> |
| 69 <img class="center" id="avatar" src="[[profile.imageUrl]]" width="30" heig
ht="30"> |
| 70 <span class="center">[[profile.email]]</span> |
| 71 <span class="center">|</span> |
| 72 <!-- TODO(cwpayton): Before official deployment, change href to "/#/" --> |
| 73 <a class="center sign-in-font" on-tap="signOut" href="/newui#/">Sign out</
a> |
| 74 </template> |
| 75 </template> |
| 76 <script> |
| 77 'use strict'; |
| 78 Polymer({ |
| 79 is: 'auth-signin', |
| 80 properties: { |
| 81 auth_headers: { |
| 82 type: Object, |
| 83 value: () => {}, |
| 84 notify: true |
| 85 }, |
| 86 |
| 87 auth_response: { |
| 88 type: Object, |
| 89 notify: true, |
| 90 observer: '_makeHeader' |
| 91 }, |
| 92 |
| 93 client_id: { |
| 94 type: String |
| 95 }, |
| 96 |
| 97 profile: { |
| 98 type: Object, |
| 99 notify: true |
| 100 }, |
| 101 |
| 102 signed_in: { |
| 103 type: Boolean, |
| 104 value: false, |
| 105 notify: true |
| 106 } |
| 107 }, |
| 108 |
| 109 ready: function() { |
| 110 if (!this.client_id) { |
| 111 return; |
| 112 } |
| 113 // If a page is opened in a new tab, we are (likely) already logged in |
| 114 // so we wait for the gapi and auth2 to be loaded and re-extract our |
| 115 // access_token. |
| 116 window.setTimeout(function(){ |
| 117 // The 'gapi' checks are the same that signin-aware does. We do them |
| 118 // to avoid extraneous errors in the console. |
| 119 if (!this.signed_in && !this._signingIn){ |
| 120 if (('gapi' in window) && ('auth2' in window.gapi)) { |
| 121 var user = gapi.auth2.getAuthInstance().currentUser.get(); |
| 122 if (user && user.getAuthResponse().access_token) { |
| 123 // User is already logged in, can use the access_token. |
| 124 this._onSignin(); |
| 125 } else { |
| 126 window.setTimeout(this.ready.bind(this), 50); |
| 127 } |
| 128 } else { |
| 129 window.setTimeout(this.ready.bind(this), 50); |
| 130 } |
| 131 } |
| 132 }.bind(this), 50); |
| 133 }, |
| 134 |
| 135 _onSignin: function() { |
| 136 this._signingIn = true; |
| 137 var user = gapi.auth2.getAuthInstance().currentUser.get(); |
| 138 var profile = { email: user.getBasicProfile().getEmail(), |
| 139 imageUrl: user.getBasicProfile().getImageUrl() }; |
| 140 this.set('profile', {}); |
| 141 this.set('profile', profile); |
| 142 this.set('auth_response', user.getAuthResponse()); |
| 143 this.signed_in = true; |
| 144 // The credential will expire after a while (usually an hour) |
| 145 // so we need to reload it. |
| 146 this.async(function(){ |
| 147 console.log("reloading credentials"); |
| 148 user.reloadAuthResponse(); |
| 149 this._onSignin(); |
| 150 }, this.auth_response.expires_in * 1000); // convert seconds to ms |
| 151 this._signingIn = false; |
| 152 }, |
| 153 |
| 154 _onSignout: function(e) { |
| 155 this.signed_in = false; |
| 156 this.set('profile', null); |
| 157 }, |
| 158 |
| 159 _makeHeader: function() { |
| 160 if (!this.auth_response) { |
| 161 this.set('auth_headers', {}); |
| 162 } |
| 163 this.set('auth_headers', |
| 164 { |
| 165 "authorization": this.auth_response.token_type + " " + |
| 166 this.auth_response.access_token |
| 167 }); |
| 168 }, |
| 169 |
| 170 signIn: function() { |
| 171 this.$.aware.signIn(); |
| 172 }, |
| 173 |
| 174 signOut: function() { |
| 175 this.$.aware.signOut(); |
| 176 window.location.reload(); |
| 177 } |
| 178 }); |
| 179 </script> |
| 180 </dom-module> |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2962703003:
config_service: Add authentication to the UI. (Closed)
