forked from filipg/gonito
100 lines
3.1 KiB
HTML
100 lines
3.1 KiB
HTML
|
|
<html>
|
|
<head>
|
|
<script src="/static/js/keycloak.js"></script>
|
|
<script>
|
|
var keycloak;
|
|
function initKeycloak() {
|
|
keycloak = new Keycloak({
|
|
url: 'http://127.0.0.1:8080/auth',
|
|
realm: 'master',
|
|
clientId: 'gonito',
|
|
"enable-cors": true
|
|
})
|
|
keycloak.init({
|
|
onLoad: 'login-required'
|
|
}).then(function(authenticated) {
|
|
// alert(authenticated ? 'authenticated' : 'not authenticated');
|
|
}).catch(function() {
|
|
alert('failed to initialize');
|
|
});
|
|
|
|
}
|
|
|
|
var loadData = function (target) {
|
|
|
|
var url = '/api/' + target;
|
|
|
|
var req = new XMLHttpRequest();
|
|
req.open('GET', url, true);
|
|
req.setRequestHeader('Accept', 'application/json');
|
|
req.setRequestHeader('Authorization', 'Bearer ' + keycloak.token);
|
|
|
|
req.onreadystatechange = function () {
|
|
if (req.readyState == 4) {
|
|
if (req.status == 200) {
|
|
alert(req.response);
|
|
} else if (req.status == 403) {
|
|
alert('Forbidden');
|
|
}
|
|
}
|
|
}
|
|
|
|
req.send();
|
|
};
|
|
|
|
function testCors() {
|
|
|
|
var createCORSRequest = function(method, url) {
|
|
var xhr = new XMLHttpRequest();
|
|
if ("withCredentials" in xhr) {
|
|
// Most browsers.
|
|
xhr.open(method, url, true);
|
|
} else if (typeof XDomainRequest != "undefined") {
|
|
// IE8 & IE9
|
|
xhr = new XDomainRequest();
|
|
xhr.open(method, url);
|
|
} else {
|
|
// CORS not supported.
|
|
xhr = null;
|
|
}
|
|
xhr.setRequestHeader('Authorization', 'Bearer ' +
|
|
keycloak.token);
|
|
xhr.setRequestHeader('Accept', 'application/json');
|
|
return xhr;
|
|
};
|
|
|
|
var url = '/api/list-challenges';
|
|
var method = 'GET';
|
|
var xhr = createCORSRequest(method, url);
|
|
|
|
xhr.onload = function() {
|
|
alert("OK");
|
|
};
|
|
|
|
xhr.onerror = function() {
|
|
alert("NOT OK")
|
|
};
|
|
|
|
xhr.send();
|
|
}
|
|
</script>
|
|
</head>
|
|
<body onload="initKeycloak()">
|
|
<h1>This is a simple web page to test Gonito as a backend with authorization by JWT tokens.</h1>
|
|
|
|
<p><button onclick="loadData('add-user')">Add user</button></p>
|
|
|
|
<p><button onclick="loadData('user-info')">Check user info</button></p>
|
|
|
|
<p><input type="text" id="challengeId" value="specify challenge ID here"/><button onclick="loadData('challenge-my-submissions/' + document.getElementById('challengeId').value)">Test
|
|
showing user's submissions</button></p>
|
|
|
|
<p><button onclick="loadData('list-challenges')">Yet another
|
|
test</button></p>
|
|
|
|
<p><button onclick="testCors()">CORS</button></p>
|
|
|
|
</body>
|
|
</html>
|