Merge pull request #2100 from SethDusek/i1900-fix
#1900 Fix large integer overflows in swagger-ui
kushti authored Mar 21, 2024
2 parents 05e4267 + 70eb187 commit 99309ce
Showing 10 changed files with 44 additions and 138 deletions.
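--- a/src/main/resources/swagger-ui/README.md
+++ b/src/main/resources/swagger-ui/README.md
@@ -0,0 +1,8 @@
+## Introduction
+Ergo uses a fork of swagger-ui with support for large integers. This repository can be found [here](https://github.com/SethDusek/swagger-ui).
+
+You can update this swagger-ui file by first pulling from upstream in the swagger-ui repository. Then in the root of ergo project run the following:
+
+``` shell
+$ rsync -av --existing ../swagger-ui/dist/ src/main/resources/swagger-ui/
+```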
40 changes: 26 additions & 14 deletions src/main/resources/swagger-ui/oauth2-redirect.html
@@ -1,8 +1,9 @@
<!doctype html>
<html lang="en-US">
<body onload="run()">
</body>
</html>
<head>
<title>Swagger UI: OAuth2 Redirect</title>
</head>
<body>
<script>
'use strict';
function run () {
@@ -12,31 +13,32 @@
var isValid, qp, arr;

if (/code|token|error/.test(window.location.hash)) {
qp = window.location.hash.substring(1);
qp = window.location.hash.substring(1).replace('?', '&');
} else {
qp = location.search.substring(1);
}

arr = qp.split("&")
arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';})
arr = qp.split("&");
arr.forEach(function (v,i,_arr) { _arr[i] = '"' + v.replace('=', '":"') + '"';});
qp = qp ? JSON.parse('{' + arr.join() + '}',
function (key, value) {
return key === "" ? value : decodeURIComponent(value)
return key === "" ? value : decodeURIComponent(value);
}
) : {}
) : {};

isValid = qp.state === sentState
isValid = qp.state === sentState;

if ((
oauth2.auth.schema.get("flow") === "accessCode"||
oauth2.auth.schema.get("flow") === "authorizationCode"
oauth2.auth.schema.get("flow") === "accessCode" ||
oauth2.auth.schema.get("flow") === "authorizationCode" ||
oauth2.auth.schema.get("flow") === "authorization_code"
) && !oauth2.auth.code) {
if (!isValid) {
oauth2.errCb({
authId: oauth2.auth.name,
source: "auth",
level: "warning",
message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
message: "Authorization may be unsafe, passed state was changed in server. The passed state wasn't returned from auth server."
});
}

@@ -45,7 +47,7 @@
oauth2.auth.code = qp.code;
oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
} else {
let oauthErrorMsg
let oauthErrorMsg;
if (qp.error) {
oauthErrorMsg = "["+qp.error+"]: " +
(qp.error_description ? qp.error_description+ ". " : "no accessCode received from the server. ") +
@@ -56,12 +58,22 @@
authId: oauth2.auth.name,
source: "auth",
level: "error",
message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server"
message: oauthErrorMsg || "[Authorization failed]: no accessCode received from the server."
});
}
} else {
oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
}
window.close();
}

if (document.readyState !== 'loading') {
run();
} else {
document.addEventListener('DOMContentLoaded', function () {
run();
});
}
</script>
</body>
</html>
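Review bot: In the authorization-code branch a `state` mismatch is only reported through `oauth2.errCb` at `level: "warning"`, and the later `oauth2.auth.code = qp.code; oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl})` still hands the code to the opener without `isValid`, unlike the final `else` branch, which passes `isValid: isValid`. Since `state` is the CSRF defence for the redirect, the mismatch path should stop, for example by ending the `if (!isValid)` block with `window.close(); return;`, or at minimum pass `isValid` in that callback so the opener can refuse the code. The lines between the hunks are not shown here, so confirm nothing there already rejects the response. The file is copied from the fork's `dist/`, so the change belongs in the fork rather than in this copy.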
99 changes: 2 additions & 97 deletions src/main/resources/swagger-ui/swagger-ui-bundle.js

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion src/main/resources/swagger-ui/swagger-ui-bundle.js.map

Large diffs are not rendered by default.

15 changes: 2 additions & 13 deletions src/main/resources/swagger-ui/swagger-ui-standalone-preset.js

Large diffs are not rendered by default.

Large diffs are not rendered by default.

3 changes: 1 addition & 2 deletions src/main/resources/swagger-ui/swagger-ui.css

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion src/main/resources/swagger-ui/swagger-ui.css.map

Large diffs are not rendered by default.

9 changes: 1 addition & 8 deletions src/main/resources/swagger-ui/swagger-ui.js

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion src/main/resources/swagger-ui/swagger-ui.js.map

Large diffs are not rendered by default.
