// For future reference:
// The only parameters that should be allowed are parameters
// defined by the specification, or existing parameters that we
// need for compatibility.
import objectHelper from './object';
// Allowlist of parameter names that oauthTokenParams() keeps on a token request.
// Several of these names carry credentials or other secrets (client_secret,
// password, otp, refresh_token, code, code_verifier, assertion,
// client_assertion), so an object filtered through this list should not be
// written to logs or error reports verbatim.
const tokenParams = [
  // Auth0-specific parameters
  'realm',
  'audience',
  'otp',

  // OAuth 2.0 parameters
  'client_id',
  'client_secret',
  'redirect_uri',
  'scope',
  'code',
  'grant_type',
  'username',
  'password',
  'refresh_token',
  'assertion',
  'client_assertion',
  'client_assertion_type',
  'code_verifier'
];
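// Parameter names recognised for the `/authorize` endpoint.
// In this file the list is only consulted by oauthAuthorizeParams() to build a
// warning; nothing here strips keys that are missing from it. Add a name only
// when it is defined by the specification or required for compatibility.
var authorizeParams = [
  // Auth0-specific parameters
  'connection',
  'connection_scope',
  'auth0Client',
  'owp',
  'device',
  'realm',
  'organization',
  'invitation',
  'protocol',
  '_csrf',
  '_intstate',
  'login_ticket',

  // OAuth 2.0 parameters
  'client_id',
  'response_type',
  'response_mode',
  'redirect_uri',
  'audience',
  'scope',
  'state',
  'nonce',
  'display',
  'prompt',
  'screen_hint',
  'max_age',
  'ui_locales',
  'claims_locales',
  'id_token_hint',
  'login_hint',
  'acr_values',
  'claims',
  'registration',
  'request',
  'request_uri',
  'code_challenge',
  'code_challenge_method',

  // ADDITIONAL_PARAMETERS:
  // https://auth0.com/docs/api/authentication?javascript#social
  // ('display' also belongs to this group; it is already listed with the
  // OAuth 2.0 parameters above, so the redundant second entry was dropped.)
  'access_type'
];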
/**
 * Reports parameters that are not on the `/authorize` allowlist.
 *
 * This check is advisory only: unlisted keys are named in a warning but are
 * NOT removed, and the input object is handed back untouched. Callers must not
 * treat the return value as filtered or sanitized.
 *
 * @param {Object} warn - Logger-like object; its `warning(message)` method is
 *   called when at least one unlisted key is found.
 * @param {Object} params - Candidate parameters for the authorize request.
 * @returns {Object} The same `params` reference that was passed in.
 */
function oauthAuthorizeParams(warn, params) {
  // Keys present in `params` but absent from `authorizeParams`
  // (presumably an array of key names — it is read via `.length` and `.join`).
  var unexpectedKeys = objectHelper.getKeysNotIn(params, authorizeParams);
  var hasUnexpectedKeys = unexpectedKeys.length > 0;

  if (hasUnexpectedKeys) {
    // Only key names are reported, never the associated values.
    var listing = unexpectedKeys.join(',');
    warn.warning(
      'Following parameters are not allowed on the `/authorize` endpoint: [' + listing + ']'
    );
  }

  return params;
}
/**
 * Restricts token-request parameters to the names listed in `tokenParams`.
 *
 * Unlike oauthAuthorizeParams(), no warning is emitted for keys that are
 * left out. The result can still hold secrets such as `client_secret`,
 * `password` or `refresh_token`, since those names are on the allowlist.
 *
 * @param {Object} warn - Unused here; kept so the signature matches
 *   oauthAuthorizeParams().
 * @param {Object} params - Candidate parameters for the token request.
 * @returns {Object} Whatever `objectHelper.pick` returns for the allowlist
 *   (presumably an object holding only the allowlisted keys — confirm in
 *   ./object).
 */
function oauthTokenParams(warn, params) {
  var allowedOnly = objectHelper.pick(params, tokenParams);
  return allowedOnly;
}
// Public API of this module: oauthTokenParams filters to an allowlist,
// oauthAuthorizeParams only warns about unlisted keys.
export default {
  oauthTokenParams,
  oauthAuthorizeParams
};