Merge pull request #282 from liggitt/allow-multi-login

Allow serial login flows to co-exist

Merge pull request #282 from liggitt/allow-multi-login
Allow serial login flows to co-exist
2a5fa871 · Jessica Forrester · GitHub · be7b0058 · dc0b4bc0 · 2a5fa871
Unverified Commit 2a5fa871 authored Jan 22, 2018 by Jessica Forrester Committed by GitHub Jan 22, 2018
4 changed files
--- a/dist/origin-web-common-services.js
+++ b/dist/origin-web-common-services.js
@@ -3513,7 +3513,14 @@ angular.module('openshiftCommonServices')
    var makeState = function(then) {
      var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
      try {
-        window.localStorage[nonceKey] = nonce;
+        if (window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10) {
+          // Reuse an existing nonce if we have one, so that when multiple tabs get kicked to a login screen,
+          // any of them can succeed, not just the last login flow that was started. The nonce gets cleared when the login flow completes.
+          nonce = window.localStorage[nonceKey];
+        } else {
+          // Otherwise store the new nonce for comparison in parseState()
+          window.localStorage[nonceKey] = nonce;
+        }
      } catch(e) {
        authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
      }

--- a/dist/origin-web-common.js
+++ b/dist/origin-web-common.js
@@ -5564,7 +5564,14 @@ angular.module('openshiftCommonServices')
    var makeState = function(then) {
      var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
      try {
-        window.localStorage[nonceKey] = nonce;
+        if (window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10) {
+          // Reuse an existing nonce if we have one, so that when multiple tabs get kicked to a login screen,
+          // any of them can succeed, not just the last login flow that was started. The nonce gets cleared when the login flow completes.
+          nonce = window.localStorage[nonceKey];
+        } else {
+          // Otherwise store the new nonce for comparison in parseState()
+          window.localStorage[nonceKey] = nonce;
+        }
      } catch(e) {
        authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
      }

--- a/dist/origin-web-common.min.js
+++ b/dist/origin-web-common.min.js
@@ -2493,7 +2493,7 @@ return randomValues;
 }, nonceKey = "RedirectLoginService.nonce", makeState = function(then) {
 var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
 try {
-window.localStorage[nonceKey] = nonce;
+window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10 ? nonce = window.localStorage[nonceKey] :window.localStorage[nonceKey] = nonce;
 } catch (e) {
 authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
 }

--- a/src/services/redirectLoginService.js
+++ b/src/services/redirectLoginService.js
@@ -74,7 +74,14 @@ angular.module('openshiftCommonServices')
    var makeState = function(then) {
      var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
      try {
-        window.localStorage[nonceKey] = nonce;
+        if (window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10) {
+          // Reuse an existing nonce if we have one, so that when multiple tabs get kicked to a login screen,
+          // any of them can succeed, not just the last login flow that was started. The nonce gets cleared when the login flow completes.
+          nonce = window.localStorage[nonceKey];
+        } else {
+          // Otherwise store the new nonce for comparison in parseState()
+          window.localStorage[nonceKey] = nonce;
+        }
      } catch(e) {
        authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
      }