Allow serial login flows to co-exist

dc0b4bc0 · Jordan Liggitt · 518e296c · dc0b4bc0 · dc0b4bc0 · dc0b4bc0
Unverified Commit dc0b4bc0 authored Jan 22, 2018 by Jordan Liggitt
4 changed files
--- a/dist/origin-web-common-services.js
+++ b/dist/origin-web-common-services.js
@@ -3513,7 +3513,14 @@ angular.module('openshiftCommonServices')
    var makeState = function(then) {
      var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
      try {
-        window.localStorage[nonceKey] = nonce;
+        if (window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10) {
+          // Reuse an existing nonce if we have one, so that when multiple tabs get kicked to a login screen,
+          // any of them can succeed, not just the last login flow that was started. The nonce gets cleared when the login flow completes.
+          nonce = window.localStorage[nonceKey];
+        } else {
+          // Otherwise store the new nonce for comparison in parseState()
+          window.localStorage[nonceKey] = nonce;
+        }
      } catch(e) {
        authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
      }

--- a/dist/origin-web-common.js
+++ b/dist/origin-web-common.js
@@ -5564,7 +5564,14 @@ angular.module('openshiftCommonServices')
    var makeState = function(then) {
      var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
      try {
-        window.localStorage[nonceKey] = nonce;
+        if (window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10) {
+          // Reuse an existing nonce if we have one, so that when multiple tabs get kicked to a login screen,
+          // any of them can succeed, not just the last login flow that was started. The nonce gets cleared when the login flow completes.
+          nonce = window.localStorage[nonceKey];
+        } else {
+          // Otherwise store the new nonce for comparison in parseState()
+          window.localStorage[nonceKey] = nonce;
+        }
      } catch(e) {
        authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
      }

--- a/dist/origin-web-common.min.js
+++ b/dist/origin-web-common.min.js
@@ -2493,7 +2493,7 @@ return randomValues;
 }, nonceKey = "RedirectLoginService.nonce", makeState = function(then) {
 var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
 try {
-window.localStorage[nonceKey] = nonce;
+window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10 ? nonce = window.localStorage[nonceKey] :window.localStorage[nonceKey] = nonce;
 } catch (e) {
 authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
 }

--- a/src/services/redirectLoginService.js
+++ b/src/services/redirectLoginService.js
@@ -74,7 +74,14 @@ angular.module('openshiftCommonServices')
    var makeState = function(then) {
      var nonce = String(new Date().getTime()) + "-" + getRandomInts(8).join("");
      try {
-        window.localStorage[nonceKey] = nonce;
+        if (window.localStorage[nonceKey] && window.localStorage[nonceKey].length > 10) {
+          // Reuse an existing nonce if we have one, so that when multiple tabs get kicked to a login screen,
+          // any of them can succeed, not just the last login flow that was started. The nonce gets cleared when the login flow completes.
+          nonce = window.localStorage[nonceKey];
+        } else {
+          // Otherwise store the new nonce for comparison in parseState()
+          window.localStorage[nonceKey] = nonce;
+        }
      } catch(e) {
        authLogger.log("RedirectLoginService.makeState, localStorage error: ", e);
      }