Fix cm

container/src/services/webcomponents.service.ts

@@ -194,7 +194,7 @@ export class WebComponentService {
    */
   generateWCId(viewUrl: string) {
     let charRep = '';
-    const normalizedViewUrl = new URL(viewUrl, location.href).href;
+    const normalizedViewUrl = new URL(viewUrl, encodeURI(location.href)).href;
     for (let i = 0; i < normalizedViewUrl.length; i++) {
       charRep += normalizedViewUrl.charCodeAt(i).toString(16);
     }

core/src/services/web-components.js

@@ -107,7 +107,7 @@ class WebComponentSvcClass {
    */
   generateWCId(viewUrl) {
     let charRep = '';
-    let normalizedViewUrl = new URL(viewUrl, location.href).href;
+    let normalizedViewUrl = new URL(viewUrl, encodeURI(location.href)).href;
     for (let i = 0; i < normalizedViewUrl.length; i++) {
       charRep += normalizedViewUrl.charCodeAt(i).toString(16);
     }

website/fiddle/public/auth/callback.html

@@ -1,108 +1,110 @@
-<!doctype html>
+<!DOCTYPE html>
 <html>
+  <head>
+    <meta http-equiv="Content-type" content="text/html;charset=UTF-8" />
+    <script type="text/javascript">
+      const tokenLifetimeDays = 7;
 
-<head>
-  <meta http-equiv="Content-type" content="text/html;charset=UTF-8">
-  <script type="text/javascript">
-    var tokenLifetimeDays = 7;
+      const getParameterByName = name => {
+        return new URLSearchParams(location.search).get(name);
+      };
 
-    /**
-     * get query parameter from url
-     * defaults to use location.href
-     * examples:
-     * // query string: ?foo=lorem&bar=&baz
-     * var foo = getParameterByName('foo'); // "lorem"
-     * var bar = getParameterByName('bar'); // "" (present with empty value)
-     * var baz = getParameterByName('baz'); // "" (present with no value)
-     * var qux = getParameterByName('qux'); // null (absent)
-     */
-    var getParameterByName = function (name, url) {
-      if (!url) url = encodeURIComponent(window.location.href);
-      name = name.replace(/[\[\]]/g, '\\$&');
-      var regex = new RegExp('[?&]' + name + '(=([^&#]*)|&|#|$)'),
-        results = regex.exec(url);
-      if (!results) return null;
-      if (!results[2]) return '';
-      return decodeURIComponent(results[2].replace(/\+/g, ' '));
-    };
+      const setAuthData = data => {
+        const storageType = getParameterByName('storageType') || 'localStorage';
+        switch (storageType) {
+          case 'localStorage':
+          case 'sessionStorage':
+            window[storageType].setItem('luigi.auth', JSON.stringify(data));
+            window[storageType].setItem('luigi.newlyAuthorized', true);
+            break;
+          default:
+            console.error(
+              'Configuration Error: Invalid auth.storage setting. Must be either localStorage or sessionStorage to be used with OAuth2 Provider.'
+            );
+        }
+      };
 
-    var setAuthData = function (data) {
-      var storageType = getParameterByName('storageType') || 'localStorage';
-      switch (storageType) {
-        case 'localStorage':
-        case 'sessionStorage':
-          window[storageType].setItem('luigi.auth', JSON.stringify(data));
-          window[storageType].setItem('luigi.newlyAuthorized', true);
-          break;
-        default:
-          console.error(
-            'Configuration Error: Invalid auth.storage setting. Must be either localStorage or sessionStorage to be used with OAuth2 Provider.'
-          );
-      }
-    };
+      const getHashParams = () => {
+        const hash = encodeURIComponent(window.location.hash.replace('#', ''));
+        return decodeURIComponent(hash)
+          .split('&')
+          .reduce(function(result, item) {
+            var parts = item.split('=');
+            result[parts[0]] = parts[1];
+            return result;
+          }, {});
+      };
 
-    var getHashParams = function () {
-      var hash = new URL(window.location).hash.substr(1);
-      return hash.split('&').reduce(function (result, item) {
-        var parts = item.split('=');
-        result[parts[0]] = parts[1];
-        return result;
-      }, {});
-    };
+      const processExpDate = expiresInString => {
+        let expirationDate;
+        const expiresIn = Number(expiresInString);
+        if (!isNaN(expiresIn) && expiresIn > 0) {
+          const nsToMsMultiplier = 1000;
+          expirationDate =
+            Number(new Date()) + nsToMsMultiplier * (expiresIn - tokenLifetimeDays);
+        }
+        return expirationDate;
+      };
 
-    var processExpDate = function (expiresInString) {
-      var expirationDate;
-      var expiresIn = Number(expiresInString);
-      if (!isNaN(expiresIn) && expiresIn > 0) {
-        var nsToMsMultiplier = 1000;
-        expirationDate =
-          Number(new Date()) + nsToMsMultiplier * (expiresIn - tokenLifetimeDays);
-      }
-      return expirationDate;
-    };
-  </script>
-</head>
+      const parseJwt = token => {
+        const base64Url = token.split('.')[1];
+        const base64 = base64Url.replace(/-/g, '+').replace(/_/g, '/');
+        const jsonPayload = decodeURIComponent(
+          atob(base64)
+            .split('')
+            .map(function(c) {
+              return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2);
+            })
+            .join('')
+        );
 
-<body>
-  <script type="text/javascript">
-    var uri = encodeURIComponent(window.location.href);
-    var hashParams = getHashParams(uri);
-    if (hashParams && (hashParams['access_token'] || hashParams['error'])) {
-      var error = hashParams['error'];
-      if (!error) {
-        var data = {
-          accessToken: hashParams['access_token'],
-          accessTokenExpirationDate: processExpDate(hashParams['expires_in']),
-          scope: hashParams['scope'],
-          idToken: hashParams['id_token']
-        };
+        return JSON.parse(jsonPayload);
+      };
+    </script>
+  </head>
 
-        setAuthData(data);
+  <body>
+    <script type="text/javascript">
+      const uri = encodeURIComponent(window.location.href);
+      const hashParams = getHashParams(uri);
+      const token = hashParams['access_token'] || hashParams['id_token'];
+      if (hashParams && (token || hashParams['error'])) {
+        const error = hashParams['error'];
+        const { exp } = parseJwt(hashParams['id_token']);
+        const expires_in = hashParams['expires_in'] || exp;
+        if (!error) {
+          const data = {
+            accessToken: token,
+            accessTokenExpirationDate: processExpDate(expires_in),
+            scope: hashParams['scope'],
+            idToken: hashParams['id_token']
+          };
 
-        var decodedState = atob(decodeURIComponent(hashParams['state'])).split(
-          '_luigiNonce='
-        );
-        var appState = decodedState[0] || '';
-        var nonce = decodedState[1];
+          setAuthData(data);
 
-        if (nonce !== sessionStorage.getItem('luigi.nonceValue')) {
-          document.getElementsByTagName('body')[0].innerHTML =
-            'Something went wrong. Try to log in again.';
-          throw new Error(
-            'State parameter returned from the authorization endpoint does not match locally stored state. Aborting login process.'
+          const decodedState = atob(decodeURIComponent(hashParams['state'])).split(
+            '_luigiNonce='
           );
-        }
+          const appState = decodeURI(decodedState[0] || '');
+          const nonce = decodedState[1];
 
-        window.location.href = appState;
-      } else {
-        // else tree only applies to idtoken auths, I guess
-        var errorDescription = hashParams['error_description'];
-        console.error('error', errorDescription);
-        window.location.href =
-          '/?error=' + error + '&errorDescription=' + errorDescription;
-      }
-    }
-  </script>
-</body>
+          if (nonce !== sessionStorage.getItem('luigi.nonceValue')) {
+            document.getElementsByTagName('body')[0].innerHTML =
+              'Something went wrong. Try to log in again.';
+            throw new Error(
+              'State parameter returned from the authorization endpoint does not match locally stored state. Aborting login process.'
+            );
+          }
 
-</html>
+          window.location.href = appState;
+        } else {
+          // else tree only applies to idtoken auths, I guess
+          const errorDescription = hashParams['error_description'];
+          console.error('error', errorDescription);
+          window.location.href =
+            '/?error=' + error + '&errorDescription=' + errorDescription;
+        }
+      }
+    </script>
+  </body>
+</html>