Commit edb94f555d18cd95831bb8c3b5963c7bea44a089

Fix remove the app_secret config constant from client side code

  - The app_secret config constant was not required in the client side code but
    by mistake it was included. It is also a potential security leak. Remove the same.
swtr/static/js/oauth.js
(4 / 4)
  
22
33 var Oauth = function(options) {
44 // all necessary params provided?
5 if(!options.hasOwnProperty('app_id') || !options.hasOwnProperty('app_secret') ||
6 !options.hasOwnProperty('redirect_uri') || !options.hasOwnProperty('scopes') ||
5 if(!options.hasOwnProperty('app_id') ||
6 !options.hasOwnProperty('redirect_uri') ||
7 !options.hasOwnProperty('scopes') ||
78 !options.hasOwnProperty('endpoint')) {
89
9 throw new Error('All of the - app_id, app_secret, redirect_uri, scopes'+
10 throw new Error('All of the - app_id, redirect_uri, scopes'+
1011 ', endpoint - parameters must be provided');
1112 return;
1213 }
2020 }
2121
2222 this.app_id = options.app_id;
23 this.app_secret = options.app_secret;
2423 this.redirect_uri = options.redirect_uri;
2524 this.scopes = options.scopes.split(',');
2625 this.endpoint = options.endpoint;
swtr/static/js/swtmaker.js
(0 / 1)
  
291291 // initialize the oauth stuff
292292 this.oauth = new Oauth({
293293 app_id: swtr.app_id,
294 app_secret: swtr.app_secret,
295294 endpoint: swtr.swtstoreURL() + swtr.endpoints.auth,
296295 redirect_uri: swtr.oauth_redirect_uri,
297296 scopes: 'email,sweet'
swtr/templates/index.html
(0 / 1)
  
102102 swtr.access_token = '{{ access_token }}';
103103 swtr.refresh_token = '{{ refresh_token }}';
104104 swtr.app_id = '{{ config.app_id }}';
105 swtr.app_secret = '{{ config.app_secret }}';
106105 swtr.oauth_redirect_uri = '{{ config.redirect_uri }}';
107106 window.onload = function() {
108107 swtr.init();