Support multi-party login and use
This commit is contained in:
Tw93
@@ -193,5 +193,47 @@ pub fn set_window(app: &mut App, config: &PakeConfig, tauri_config: &Config) ->
|
|||||||
println!("Proxy configured: {}", config.proxy_url);
|
println!("Proxy configured: {}", config.proxy_url);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Allow navigation to OAuth/authentication domains
|
||||||
|
window_builder = window_builder.on_navigation(|url| {
|
||||||
|
let url_str = url.as_str();
|
||||||
|
|
||||||
|
// Always allow same-origin navigation
|
||||||
|
if url_str.starts_with("http://localhost") || url_str.starts_with("http://127.0.0.1") {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check for OAuth/authentication domains
|
||||||
|
let auth_patterns = [
|
||||||
|
"accounts.google.com",
|
||||||
|
"login.microsoftonline.com",
|
||||||
|
"github.com/login",
|
||||||
|
"appleid.apple.com",
|
||||||
|
"facebook.com",
|
||||||
|
"twitter.com",
|
||||||
|
];
|
||||||
|
|
||||||
|
let auth_paths = ["/oauth/", "/auth/", "/authorize", "/login"];
|
||||||
|
|
||||||
|
// Allow if matches auth patterns
|
||||||
|
for pattern in &auth_patterns {
|
||||||
|
if url_str.contains(pattern) {
|
||||||
|
#[cfg(debug_assertions)]
|
||||||
|
println!("Allowing OAuth navigation to: {}", url_str);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
for path in &auth_paths {
|
||||||
|
if url_str.contains(path) {
|
||||||
|
#[cfg(debug_assertions)]
|
||||||
|
println!("Allowing auth path navigation to: {}", url_str);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Allow all other navigation by default
|
||||||
|
true
|
||||||
|
});
|
||||||
|
|
||||||
window_builder.build().expect("Failed to build window")
|
window_builder.build().expect("Failed to build window")
|
||||||
}
|
}
|
||||||
|
|||||||
75
src-tauri/src/inject/event.js
vendored
75
src-tauri/src/inject/event.js
vendored
@@ -394,6 +394,12 @@ document.addEventListener("DOMContentLoaded", () => {
|
|||||||
const absoluteUrl = hrefUrl.href;
|
const absoluteUrl = hrefUrl.href;
|
||||||
let filename = anchorElement.download || getFilenameFromUrl(absoluteUrl);
|
let filename = anchorElement.download || getFilenameFromUrl(absoluteUrl);
|
||||||
|
|
||||||
|
// Early check: Allow OAuth/authentication links to navigate naturally
|
||||||
|
if (isAuthLink(absoluteUrl)) {
|
||||||
|
console.log("[Pake] Allowing OAuth navigation to:", absoluteUrl);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
// Handle _blank links: same domain navigates in-app, cross-domain opens new window
|
// Handle _blank links: same domain navigates in-app, cross-domain opens new window
|
||||||
if (target === "_blank") {
|
if (target === "_blank") {
|
||||||
if (forceInternalNavigation) {
|
if (forceInternalNavigation) {
|
||||||
@@ -474,10 +480,77 @@ document.addEventListener("DOMContentLoaded", () => {
|
|||||||
collectUrlToBlobs();
|
collectUrlToBlobs();
|
||||||
detectDownloadByCreateAnchor();
|
detectDownloadByCreateAnchor();
|
||||||
|
|
||||||
|
// Check if URL matches OAuth/authentication patterns
|
||||||
|
function matchesAuthUrl(url, baseUrl = window.location.href) {
|
||||||
|
try {
|
||||||
|
const urlObj = new URL(url, baseUrl);
|
||||||
|
const hostname = urlObj.hostname.toLowerCase();
|
||||||
|
const pathname = urlObj.pathname.toLowerCase();
|
||||||
|
const fullUrl = urlObj.href.toLowerCase();
|
||||||
|
|
||||||
|
// Common OAuth providers and paths
|
||||||
|
const oauthPatterns = [
|
||||||
|
/accounts\.google\.com/,
|
||||||
|
/accounts\.google\.[a-z]+/,
|
||||||
|
/login\.microsoftonline\.com/,
|
||||||
|
/github\.com\/login/,
|
||||||
|
/facebook\.com\/.*\/dialog/,
|
||||||
|
/twitter\.com\/oauth/,
|
||||||
|
/appleid\.apple\.com/,
|
||||||
|
/\/oauth\//,
|
||||||
|
/\/auth\//,
|
||||||
|
/\/authorize/,
|
||||||
|
/\/login\/oauth/,
|
||||||
|
/\/signin/,
|
||||||
|
/\/login/,
|
||||||
|
/servicelogin/,
|
||||||
|
/\/o\/oauth2/,
|
||||||
|
];
|
||||||
|
|
||||||
|
const isMatch = oauthPatterns.some(
|
||||||
|
(pattern) => pattern.test(hostname) || pattern.test(pathname) || pattern.test(fullUrl),
|
||||||
|
);
|
||||||
|
|
||||||
|
if (isMatch) {
|
||||||
|
console.log("[Pake] OAuth URL detected:", url);
|
||||||
|
}
|
||||||
|
|
||||||
|
return isMatch;
|
||||||
|
} catch (e) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if URL is an OAuth/authentication link
|
||||||
|
function isAuthLink(url) {
|
||||||
|
return matchesAuthUrl(url);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check if this is an OAuth/authentication popup
|
||||||
|
function isAuthPopup(url, name) {
|
||||||
|
// Check for known authentication window names
|
||||||
|
const authWindowNames = [
|
||||||
|
"AppleAuthentication",
|
||||||
|
"oauth2",
|
||||||
|
"oauth",
|
||||||
|
"google-auth",
|
||||||
|
"auth-popup",
|
||||||
|
"signin",
|
||||||
|
"login",
|
||||||
|
];
|
||||||
|
|
||||||
|
if (authWindowNames.includes(name)) {
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
return matchesAuthUrl(url);
|
||||||
|
}
|
||||||
|
|
||||||
// Rewrite the window.open function.
|
// Rewrite the window.open function.
|
||||||
const originalWindowOpen = window.open;
|
const originalWindowOpen = window.open;
|
||||||
window.open = function (url, name, specs) {
|
window.open = function (url, name, specs) {
|
||||||
if (name === "AppleAuthentication") {
|
// Allow authentication popups to open normally
|
||||||
|
if (isAuthPopup(url, name)) {
|
||||||
return originalWindowOpen.call(window, url, name, specs);
|
return originalWindowOpen.call(window, url, name, specs);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
3
src-tauri/tauri.conf.json
vendored
3
src-tauri/tauri.conf.json
vendored
@@ -10,7 +10,8 @@
|
|||||||
"id": "pake-tray"
|
"id": "pake-tray"
|
||||||
},
|
},
|
||||||
"security": {
|
"security": {
|
||||||
"headers": {}
|
"headers": {},
|
||||||
|
"csp": null
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"build": {
|
"build": {
|
||||||
|
|||||||
Reference in New Issue
Block a user