Version 0.6.152, fix X.OAuth2.

[pettanr/clientJs.git] / 0.6.x / js / 06_net / 10_XOAuth2.js

diff --git a/0.6.x/js/06_net/10_XOAuth2.js b/0.6.x/js/06_net/10_XOAuth2.js
index d8f3dd1..43a34d6 100644 (file)
--- a/0.6.x/js/06_net/10_XOAuth2.js
+++ b/0.6.x/js/06_net/10_XOAuth2.js
@@ -21,6 +21,9 @@ var X_NET_OAUTH2_detection      = new Function( 'w', 'try{return w.location.sear
  * <dt>3 : <dd>refresh_token
  * <dt>4 : <dd>hasAccessToken
  * </dl>
+ * 
+ * original :
+ *  oauth2.js , <opendata@oucs.ox.ac.uk>
  */
 X[ 'OAuth2' ] = X_EventDispatcher[ 'inherits' ](
                'X.OAuth2',
@@ -43,6 +46,7 @@ X[ 'OAuth2' ] = X_EventDispatcher[ 'inherits' ](
                                obj.onAuthError   = X_NET_OAUTH2_onXHR401Error;
                                obj.updateRequest = X_NET_OAUTH2_updateRequest;
                                
+                               // TODO canUse
                                // TODO kill の cancel
                        },
 
@@ -90,7 +94,7 @@ X[ 'OAuth2' ] = X_EventDispatcher[ 'inherits' ](
                                };
                                
                                // http://kojikoji75.hatenablog.com/entry/2013/12/15/223839
-                               X_NET_OAUTH2_authorizationWindow && X_NET_OAUTH2_authorizationWindow.open( 'about:blank','_self' ).close();
+                               X_NET_OAUTH2_authorizationWindow && X_NET_OAUTH2_authorizationWindow.open( 'about:blank', '_self' ).close();
                                X_NET_OAUTH2_authorizationWindow  = null;
                                
                                X_NET_OAUTH2_authorizationTimerID && X_Timer_remove( X_NET_OAUTH2_authorizationTimerID );
@@ -146,7 +150,7 @@ function X_Net_OAuth2_detectAuthPopup(){
                pair      = X_Pair_get( this );
                pair.code = X_URL_ParamToObj( search.slice( 1 ) )[ 'code' ];
 
-               X_NET_OAUTH2_authorizationWindow.close();
+               X_NET_OAUTH2_authorizationWindow.open( 'about:blank', '_self' ).close();
                closed = true;
 
                X_Net_OAuth2_authorizationCode( this, pair );
@@ -241,27 +245,30 @@ function X_Net_OAuth2_responceHandler( e ){
        };
 };
 
-function X_NET_OAUTH2_onXHR401Error( oauth2 ){
+function X_NET_OAUTH2_onXHR401Error( oauth2, e ){
        var pair = this,
+               headers = e[ 'headers' ],
                xhr, bearerParams, headersExposed = false;
        
        if( _getAuthMechanism( oauth2 ) !== 'param' ){
                xhr            = X_NET_currentWrapper[ '_rawObject' ];
-               bearerParams   = xhr.getResponseHeader( 'WWW-Authenticate' );
-               headersExposed = !X_Net_XHR_createXDR || !!xhr.getAllResponseHeaders(); // this is a hack for Firefox and IE
+               headersExposed = !X_Net_XHR_createXDR || !!headers; // this is a hack for Firefox and IE
+               bearerParams   = headersExposed && ( headers[ 'WWW-Authenticate' ] || headers[ 'www-authenticate' ] );
+               X_Type_isArray( bearerParams ) && ( bearerParams = bearerParams.join( '\n' ) );
        };
        
        // http://d.hatena.ne.jp/ritou/20110402/1301679908
-       if ( bearerParams && bearerParams.indexOf( ' error="' ) === -1 ) {
+       if ( bearerParams && bearerParams.indexOf( ' error=' ) === -1 ) {
                pair.oauth2State = 0;
                oauth2[ 'asyncDispatch' ]( X_EVENT_NEED_AUTH );
        } else
-       if ((( bearerParams && bearerParams.indexOf( ' error="invalid_token"' ) !== -1 ) || !headersExposed) && _getRefreshToken( oauth2 ) ) {
+       if ((( bearerParams && bearerParams.indexOf( 'invalid_token' ) !== -1 ) || !headersExposed) && _getRefreshToken( oauth2 ) ) {
                _removeAccessToken( oauth2 ); // It doesn't work any more.
                pair.oauth2State = 3;
                oauth2[ 'refreshToken' ]();
-       } else
-       if (!headersExposed && !_getRefreshToken( oauth2 )) {
+       } else {
+       //if (!headersExposed && !_getRefreshToken( oauth2 )) {
+               _removeAccessToken( oauth2 ); // It doesn't work any more.
                pair.oauth2State = 0;
                oauth2[ 'asyncDispatch' ]( X_EVENT_NEED_AUTH );
        };