fix: Bogus access_token from Entra can cause PKCE redirect loop in ZBR (

#391)
openziti · Jan 10, 2025 · b0e3f80 · b0e3f80
1 parent d562324
commit b0e3f80
Show file tree

Hide file tree

Showing 6 changed files with 206 additions and 7 deletions.
diff --git a/package.json b/package.json
@@ -96,7 +96,7 @@
     "@auth0/auth0-spa-js": "^2.0.4",
     "@azure/msal-browser": "^2.38.0",
     "@babel/runtime": "^7.17.9",
-    "@openziti/ziti-browzer-core": "^0.51.1",
+    "@openziti/ziti-browzer-core": "^0.51.2",
     "bowser": "^2.11.0",
     "cookie-interceptor": "^1.0.0",
     "core-js": "^3.22.8",

diff --git a/src/runtime.js b/src/runtime.js
@@ -1386,6 +1386,15 @@ class ZitiBrowzerRuntime {
           }
         } catch (e) {
           invalidAccessToken = true;
+          try {
+            if (isTokenExpired(this.zitiConfig.id_token)) {
+              this.isAuthenticated = false;
+            } else {
+              this.isAuthenticated = true;
+            }
+          } catch (e) {
+            invalidAccessToken = true;
+          }
         }
       } else {
         this.logger.trace(`initialize() session token NOT found`);

diff --git a/src/tool-button/Throughput/Throughput.js b/src/tool-button/Throughput/Throughput.js
@@ -27,15 +27,44 @@ import $ from 'licia/$'
 import uPlot from 'uplot';
 import { classPrefix as c } from '../lib/util'
 import { THROUGHPUT_CSS } from './throughput_css';
+import { THROUGHPUT_UPLOT_CSS } from './throughput_uplot_css';
 
 
 
 export default class Throughput extends Tool {
   constructor() {
     super()
 
-    this._style = evalCss(THROUGHPUT_CSS)
+    function isCSSSelectorPresent(selector) {
+      for (const stylesheet of document.styleSheets) {
+          try {
+              const rules = stylesheet.cssRules || stylesheet.rules; // Get CSS rules
+              for (const rule of rules) {
+                if (rule.selectorText === selector) {
+                      return true; // Found the selector
+                  }
+              }
+          } catch (e) {
+              // Catch and ignore CORS errors for external stylesheets
+              console.warn('Could not access stylesheet due to CORS restrictions:', stylesheet.href);
+          }
+      }
+      return false; // Selector not found
+    }
+
+    setTimeout((self) => {
+
+      if (isCSSSelectorPresent('.uplot')) {
+        console.log('CSS selector .uplot already exists in the stylesheets -- we will NOT activate browZer-specific uplot styling');
+        self._style = evalCss(THROUGHPUT_CSS)
+      } else {
+        console.log('CSS selector .uplot does NOT exist in the stylesheets -- we WILL activate browZer-specific uplot styling');
+        self._style = evalCss(THROUGHPUT_UPLOT_CSS)
+      }
+
+    }, 2000, this)  
 
+
     this.name = 'throughput'
     this._throughputs = []
   }

diff --git a/src/tool-button/Throughput/throughput_uplot_css.js b/src/tool-button/Throughput/throughput_uplot_css.js
@@ -0,0 +1,161 @@
+
+export {  
+    THROUGHPUT_UPLOT_CSS
+};
+
+const THROUGHPUT_UPLOT_CSS = 
+
+` 
+#eruda-throughput{overflow-y:auto;-webkit-overflow-scrolling:touch}#eruda-throughput li{margin:10px}#eruda-throughput li .eruda-content,#eruda-throughput li .eruda-title{padding:10px}#eruda-throughput li .eruda-title{position:relative;padding-bottom:0;color:#1a73e8}#eruda-throughput li .eruda-title .eruda-icon-copy{position:absolute;right:10px;top:14px;color:#333;cursor:pointer;transition:color .3s}#eruda-throughput li .eruda-title .eruda-icon-copy:active{color:#1a73e8}#eruda-throughput li .eruda-content{margin:0;-webkit-user-select:text;-moz-user-select:text;-ms-user-select:text;user-select:text;color:#333;font-size:12px;word-break:break-all}#eruda-throughput li .eruda-content table{width:100%;border-collapse:collapse}#eruda-throughput li .eruda-content table td,#eruda-throughput li .eruda-content table th{padding:10px}#eruda-throughput li .eruda-content *{-webkit-user-select:text;-moz-user-select:text;-ms-user-select:text;user-select:text}#eruda-throughput li .eruda-content a{color:#1155cc}#eruda-throughput li .eruda-device-key,#eruda-throughput li .eruda-system-key{width:100px}.eruda-safe-area #eruda-throughput{padding-bottom:calc(10px + env(safe-area-inset-bottom))}
+
+.zitiBrowzerRuntime_bottom-bar {
+    position: fixed;
+    top: 100px;
+    left: 100px;
+    background-image: linear-gradient(to right, #0965f3, #e10c5c) !important;
+    color: #ffffff;
+    box-shadow: 0 0 5px rgba(0, 0, 0, 0.25);
+    box-sizing: border-box;
+    z-index: 99999;
+    border: 1px solid white;
+}
+
+.zitiBrowzerRuntime_bottom-bar__content {
+    max-width: 850px;
+    margin: 0 auto;
+    display: flex;
+    justify-content: space-between;
+}
+
+.zitiBrowzerRuntime_bottom-bar__content > * {
+    display: flex;
+    align-items: center;
+}
+
+.zitiBrowzerRuntime_bottom-bar__text {
+    padding-right: 10px;
+}
+
+.uplot, .uplot *, .uplot *::before, .uplot *::after {
+    box-sizing: border-box;
+}
+.zitiBrowzerRuntime_bottom-bar .uplot, .u-hz {
+    font-family: system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji";
+    line-height: 1.5;
+    width: min-content;
+    background-image: linear-gradient(to right, #0965f3, #e10c5c) !important;
+}
+    
+.u-title {
+    text-align: center;
+    font-size: 12px;
+    font-weight: bold;
+    color: white;
+}
+.u-label {
+    color: white;
+}
+.u-value {
+    color: white;
+}
+.u-wrap {
+    position: relative;
+    user-select: none;
+}
+.u-over, .u-under {
+    position: absolute;
+}
+.u-under {
+    overflow: hidden;
+}
+.uplot canvas {
+    display: block;
+    position: relative;
+    width: 100%;
+    height: 100%;
+}
+.u-axis {
+    position: absolute;
+    color: white;
+}
+.u-legend {
+    font-size: 12px;
+    margin: auto;
+    text-align: center;
+}
+.u-inline {
+    display: block;
+}
+.u-inline * {
+    display: inline-block;
+}
+.u-inline tr {
+    margin-right: 16px;
+}
+.u-legend th {
+    font-weight: 600;
+}
+.u-legend th > * {
+    vertical-align: middle;
+    display: inline-block;
+}
+.u-legend .u-marker {
+    width: 1em;
+    height: 1em;
+    margin-right: 4px;
+    background-clip: padding-box !important;
+}
+.u-inline.u-live th::after {
+    content: ":";
+    vertical-align: middle;
+}
+.u-inline:not(.u-live) .u-value {
+    display: none;
+}
+.u-series > * {
+    padding: 4px;
+}
+.u-series th {
+    cursor: pointer;
+}
+.u-legend .u-off > * {
+    opacity: 0.3;
+}
+.u-select {
+    background: rgba(0,0,0,0.07);
+    position: absolute;
+    pointer-events: none;
+}
+.u-cursor-x, .u-cursor-y {
+    position: absolute;
+    left: 0;
+    top: 0;
+    pointer-events: none;
+    will-change: transform;
+    z-index: 100;
+}
+.u-hz .u-cursor-x, .u-vt .u-cursor-y {
+    height: 100%;
+    border-right: 1px dashed white;
+}
+.u-hz .u-cursor-y, .u-vt .u-cursor-x {
+    width: 100%;
+    border-bottom: 1px dashed white;
+}
+.u-cursor-pt {
+    position: absolute;
+    top: 0;
+    left: 0;
+    border-radius: 50%;
+    border: 0 solid;
+    pointer-events: none;
+    will-change: transform;
+    z-index: 100;
+    /*this has to be !important since we set inline "background" shorthand */
+    background-clip: padding-box !important;
+}
+.u-axis.u-off, .u-select.u-off, .u-cursor-x.u-off, .u-cursor-y.u-off, .u-cursor-pt.u-off {
+    display: none;
+}           
+
+`
diff --git a/src/tool-button/eruda.js b/src/tool-button/eruda.js
@@ -281,7 +281,7 @@ const eruda = {
       } catch (e) {
         // Use nextTick to make sure it is possible to be caught by console panel.
         nextTick(() => {
-          logger.error(
+          console.error(
             `Something wrong when initializing tool ${name}:`,
             e.message
           )

diff --git a/yarn.lock b/yarn.lock
@@ -1205,10 +1205,10 @@
     "@types/emscripten" "^1.39.6"
     "@wasmer/wasi" "^1.0.2"
 
-"@openziti/ziti-browzer-core@^0.51.1":
-  version "0.51.1"
-  resolved "https://registry.yarnpkg.com/@openziti/ziti-browzer-core/-/ziti-browzer-core-0.51.1.tgz#e48ecb306bc508510542ee93c0750db9ad6d402d"
-  integrity sha512-jf4W+2OKc9NAnqB/iuK+Oh4mZihbWXxLosCc4wK1Ns4CkeLdNK1AjCbk2qx+NpCcmVwZDJk9R+jeJGn70ux9EQ==
+"@openziti/ziti-browzer-core@^0.51.2":
+  version "0.51.2"
+  resolved "https://registry.yarnpkg.com/@openziti/ziti-browzer-core/-/ziti-browzer-core-0.51.2.tgz#cdff48c4700636c4e85ceb6794ad93318cbf28da"
+  integrity sha512-pKApSloMsvOIaN09NjLJp7pTciRT8Tn1crBNkF5S09Hx+jLj7StirXB67K7SS7xtgLDy22cCqiOTqoHJvyEYgA==
   dependencies:
     "@openziti/libcrypto-js" "^0.24.0"
     "@openziti/ziti-browzer-edge-client" "^0.7.0"