hanyuu/assets/oauth2.js/main.js

#include verify.js

(() => {
    const authoriseButtons = document.querySelectorAll('.js-authorise-action');

    for(const button of authoriseButtons) {
        button.disabled = false;

        button.onclick = () => {
            for(const other of authoriseButtons)
                other.disabled = true;

            const body = [];
            for(const name in button.dataset)
                body.push(encodeURIComponent(name) + '=' + encodeURIComponent(button.dataset[name]));

            const xhr = new XMLHttpRequest;
            xhr.responseType = 'json';
            xhr.open('POST', '/oauth2/authorise');
            xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');
            xhr.onload = () => {
                if(xhr.response.redirect)
                    location.assign(xhr.response.redirect);
                else
                    location.assign('/oauth2/error?error=invalid_request');
            };
            xhr.onerror = () => {
                for(const other of authoriseButtons)
                    other.disabled = false;
            };
            xhr.send(body.join('&'));
        };
    }

    if(location.pathname === '/oauth2/verify')
        HanyuuOAuth2Verify();
})();
Removed mentions of "device" from the UI and URLs. While the intention of the extension specification to OAuth2 for device codes is indeed intended for handling authorisation on devices where the user cannot use any input method on the device, it's also very useful for when we want to authorise older devices where there are other difficulties, such as outdated or intentionally omitted root certificates making it only possible to use plain HTTP, or just other sorts of applications where having to make a web UI just for receiving the authorisation code to complete the token request would be a bother, for me such a case would be bots like Satori. It essentially just replaces three-legged authorisation from OAuth 1.0a but without the needlessly complex annoying aspects of OAuth 1.0a. Beyond that I'm also just sick of entering my ridiculously long, randomly generated password letter by letter on the inaccurate touch screen of the Nintendo 3DS. 2024-07-30 13:08:22 +00:00			`#include verify.js`
Implemented partial UI for device authorisation. 2024-07-30 00:16:42 +00:00
Added styling to the authorisation prompt etc. 2024-07-21 00:47:00 +00:00			`(() => {`
			`const authoriseButtons = document.querySelectorAll('.js-authorise-action');`

			`for(const button of authoriseButtons) {`
			`button.disabled = false;`

			`button.onclick = () => {`
			`for(const other of authoriseButtons)`
			`other.disabled = true;`

			`const body = [];`
			`for(const name in button.dataset)`
			`body.push(encodeURIComponent(name) + '=' + encodeURIComponent(button.dataset[name]));`

			`const xhr = new XMLHttpRequest;`
			`xhr.responseType = 'json';`
			`xhr.open('POST', '/oauth2/authorise');`
			`xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded');`
			`xhr.onload = () => {`
			`if(xhr.response.redirect)`
			`location.assign(xhr.response.redirect);`
			`else`
			`location.assign('/oauth2/error?error=invalid_request');`
			`};`
			`xhr.onerror = () => {`
			`for(const other of authoriseButtons)`
			`other.disabled = false;`
			`};`
			`xhr.send(body.join('&'));`
			`};`
			`}`
Implemented partial UI for device authorisation. 2024-07-30 00:16:42 +00:00
Removed mentions of "device" from the UI and URLs. While the intention of the extension specification to OAuth2 for device codes is indeed intended for handling authorisation on devices where the user cannot use any input method on the device, it's also very useful for when we want to authorise older devices where there are other difficulties, such as outdated or intentionally omitted root certificates making it only possible to use plain HTTP, or just other sorts of applications where having to make a web UI just for receiving the authorisation code to complete the token request would be a bother, for me such a case would be bots like Satori. It essentially just replaces three-legged authorisation from OAuth 1.0a but without the needlessly complex annoying aspects of OAuth 1.0a. Beyond that I'm also just sick of entering my ridiculously long, randomly generated password letter by letter on the inaccurate touch screen of the Nintendo 3DS. 2024-07-30 13:08:22 +00:00			`if(location.pathname === '/oauth2/verify')`
			`HanyuuOAuth2Verify();`
Added styling to the authorisation prompt etc. 2024-07-21 00:47:00 +00:00			`})();`