Created
February 18, 2016 16:08
-
-
Save markjulmar/40cfed136eada6339f68 to your computer and use it in GitHub Desktop.
Fix double-processing of redirect_uri
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- a/src/Xamarin.Auth/OAuth2Authenticator.cs | |
+++ b/src/Xamarin.Auth/OAuth2Authenticator.cs | |
@@ -235,7 +235,7 @@ namespace Xamarin.Auth | |
/// <param name='fragment'> | |
/// The parsed fragment of the URL. | |
/// </param> | |
- protected override void OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment) | |
+ protected override bool OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment, bool pageLoaded) | |
{ | |
var all = new Dictionary<string, string> (query); | |
foreach (var kv in fragment) | |
@@ -248,14 +248,14 @@ namespace Xamarin.Auth | |
if (all ["state"] != requestState && !reportedForgery) { | |
reportedForgery = true; | |
OnError ("Invalid state from server. Possible forgery!"); | |
- return; | |
+ return false; | |
} | |
} | |
// | |
// Continue processing | |
// | |
- base.OnPageEncountered (url, query, fragment); | |
+ return base.OnPageEncountered (url, query, fragment, pageLoaded); | |
} | |
/// <summary> | |
--- a/src/Xamarin.Auth/WebAuthenticator.cs | |
+++ b/src/Xamarin.Auth/WebAuthenticator.cs | |
@@ -79,8 +79,9 @@ namespace Xamarin.Auth | |
/// <param name='url'> | |
/// The URL of the page. | |
/// </param> | |
- public virtual void OnPageLoading (Uri url) | |
+ public virtual bool OnPageLoading (Uri url) | |
{ | |
+ return true; | |
} | |
/// <summary> | |
--- a/src/Xamarin.Auth/WebRedirectAuthenticator.cs | |
+++ b/src/Xamarin.Auth/WebRedirectAuthenticator.cs | |
@@ -86,7 +86,7 @@ namespace Xamarin.Auth | |
var query = WebEx.FormDecode (url.Query); | |
var fragment = WebEx.FormDecode (url.Fragment); | |
- OnPageEncountered (url, query, fragment); | |
+ OnPageEncountered (url, query, fragment, true); | |
} | |
/// <summary> | |
@@ -95,12 +95,12 @@ namespace Xamarin.Auth | |
/// <param name='url'> | |
/// The URL of the page. | |
/// </param> | |
- public override void OnPageLoading (Uri url) | |
+ public override bool OnPageLoading (Uri url) | |
{ | |
var query = WebEx.FormDecode (url.Query); | |
var fragment = WebEx.FormDecode (url.Fragment); | |
- OnPageEncountered (url, query, fragment); | |
+ return OnPageEncountered (url, query, fragment, false); | |
} | |
/// <summary> | |
@@ -122,7 +122,7 @@ namespace Xamarin.Auth | |
/// method to check redirect URLs at the earliest possible time to avoid showing redirect pages if unnecessary. | |
/// </para> | |
/// </remarks> | |
- protected virtual void OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment) | |
+ protected virtual bool OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment, bool pageLoaded) | |
{ | |
var all = new Dictionary<string, string> (query); | |
foreach (var kv in fragment) | |
@@ -137,15 +137,17 @@ namespace Xamarin.Auth | |
description = all ["error_description"]; | |
} | |
OnError (description); | |
- return; | |
+ return false; | |
} | |
// | |
// Watch for the redirect | |
// | |
- if (UrlMatchesRedirect (url)) { | |
+ if (!pageLoaded && UrlMatchesRedirect (url)) { | |
OnRedirectPageLoaded (url, query, fragment); | |
+ return false; | |
} | |
+ return true; | |
} | |
private bool UrlMatchesRedirect (Uri url) | |
--- a/src/Xamarin.Auth/OAuth2Authenticator.cs | |
+++ b/src/Xamarin.Auth/OAuth2Authenticator.cs | |
@@ -235,7 +235,7 @@ namespace Xamarin.Auth | |
/// <param name='fragment'> | |
/// The parsed fragment of the URL. | |
/// </param> | |
- protected override void OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment) | |
+ protected override bool OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment, bool pageLoaded) | |
{ | |
var all = new Dictionary<string, string> (query); | |
foreach (var kv in fragment) | |
@@ -248,14 +248,14 @@ namespace Xamarin.Auth | |
if (all ["state"] != requestState && !reportedForgery) { | |
reportedForgery = true; | |
OnError ("Invalid state from server. Possible forgery!"); | |
- return; | |
+ return false; | |
} | |
} | |
// | |
// Continue processing | |
// | |
- base.OnPageEncountered (url, query, fragment); | |
+ return base.OnPageEncountered (url, query, fragment, pageLoaded); | |
} | |
/// <summary> | |
diff --git a/src/Xamarin.Auth/WebAuthenticator.cs b/src/Xamarin.Auth/WebAuthenticator.cs | |
index 6eb8262..9f8007e 100644 | |
--- a/src/Xamarin.Auth/WebAuthenticator.cs | |
+++ b/src/Xamarin.Auth/WebAuthenticator.cs | |
@@ -79,8 +79,9 @@ namespace Xamarin.Auth | |
/// <param name='url'> | |
/// The URL of the page. | |
/// </param> | |
- public virtual void OnPageLoading (Uri url) | |
+ public virtual bool OnPageLoading (Uri url) | |
{ | |
+ return true; | |
} | |
/// <summary> | |
diff --git a/src/Xamarin.Auth/WebRedirectAuthenticator.cs b/src/Xamarin.Auth/WebRedirectAuthenticator.cs | |
index 141cc34..123bbf6 100644 | |
--- a/src/Xamarin.Auth/WebRedirectAuthenticator.cs | |
+++ b/src/Xamarin.Auth/WebRedirectAuthenticator.cs | |
@@ -86,7 +86,7 @@ namespace Xamarin.Auth | |
var query = WebEx.FormDecode (url.Query); | |
var fragment = WebEx.FormDecode (url.Fragment); | |
- OnPageEncountered (url, query, fragment); | |
+ OnPageEncountered (url, query, fragment, true); | |
} | |
/// <summary> | |
@@ -95,12 +95,12 @@ namespace Xamarin.Auth | |
/// <param name='url'> | |
/// The URL of the page. | |
/// </param> | |
- public override void OnPageLoading (Uri url) | |
+ public override bool OnPageLoading (Uri url) | |
{ | |
var query = WebEx.FormDecode (url.Query); | |
var fragment = WebEx.FormDecode (url.Fragment); | |
- OnPageEncountered (url, query, fragment); | |
+ return OnPageEncountered (url, query, fragment, false); | |
} | |
/// <summary> | |
@@ -122,7 +122,7 @@ namespace Xamarin.Auth | |
/// method to check redirect URLs at the earliest possible time to avoid showing redirect pages if unnecessary. | |
/// </para> | |
/// </remarks> | |
- protected virtual void OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment) | |
+ protected virtual bool OnPageEncountered (Uri url, IDictionary<string, string> query, IDictionary<string, string> fragment, bool pageLoaded) | |
{ | |
var all = new Dictionary<string, string> (query); | |
foreach (var kv in fragment) | |
@@ -137,15 +137,17 @@ namespace Xamarin.Auth | |
description = all ["error_description"]; | |
} | |
OnError (description); | |
- return; | |
+ return false; | |
} | |
// | |
// Watch for the redirect | |
// | |
- if (UrlMatchesRedirect (url)) { | |
+ if (!pageLoaded && UrlMatchesRedirect (url)) { | |
OnRedirectPageLoaded (url, query, fragment); | |
+ return false; | |
} | |
+ return true; | |
} | |
private bool UrlMatchesRedirect (Uri url) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment