add a possibily for a local web-service to forbid the request

2012-07-13 13:12:07 +02:00 · 2012-07-13 13:12:07 +02:00 · cea9d392f6
parent c35b7faed4
commit cea9d392f6
1 changed files with 46 additions and 17 deletions
--- a/store.html
+++ b/store.html
@ -15,24 +15,16 @@
    var C_IS_PASSIVE = "isPassive";
    var C_IDP_ENTITY_ID = "IdPentityID";
    var COOKIE_TIMEOUT_DAYS = 730; // 2 years
+    var check_requestor_ws = "./check.json";
+    var check_requestor_ws_timeout = 3000;
+    var ok = true;

-    var qs = $.parseQuerystring();
-    var entity_id = qs[C_ENTITY_ID];
-    var return_url = qs[C_RETURN];
-    var return_id_param = C_ENTITY_ID;
-    if (C_RETURNIDPARAM in qs) {
-      return_id_param = qs[C_RETURNIDPARAM];
-    }
-    var idp_entity_id = undefined;
-
-    if (C_IDP_ENTITY_ID in qs) {
-      idp_entity_id = qs[C_IDP_ENTITY_ID];
-      debug_alert('set idp to ' + idp_entity_id);
-    } else {
-      idp_entity_id = $.cookie(C_IDP_ENTITY_ID);
-    }
-    function response() {
+    function response(idp_entity_id) {
      debug_alert('query by ' + entity_id);
+      if (! return_url) {
+        alert("no return url");
+        return;
+      }
      if (idp_entity_id) {
        $.cookie(C_IDP_ENTITY_ID, idp_entity_id, { expires: COOKIE_TIMEOUT_DAYS });
        if (return_url.indexOf('?') == -1) {
@ -45,7 +37,44 @@
      debug_alert('returning to ' + return_url);
      window.location.href = return_url;
    }
-    response();
+
+    var qs = $.parseQuerystring();
+    var entity_id = qs[C_ENTITY_ID];
+    var return_url = qs[C_RETURN];
+    var return_id_param = C_ENTITY_ID;
+    if (C_RETURNIDPARAM in qs) {
+      return_id_param = qs[C_RETURNIDPARAM];
+    }
+    var idp_entity_id = undefined;
+
+    if (check_requestor_ws) {
+      ok = false;
+      $.ajax({
+        url: check_requestor_ws,
+        dataType: 'json',
+        async: false,
+        timeout: check_requestor_ws_timeout,
+        data: { 'return': return_url, 'referrer': document.referrer },
+        success: function (data) {
+          if (data.result == 'ok') {
+            ok = true;
+          }
+        },
+        error: function (jqXHR, status) {
+          debug_alert("check_requestor_ws failed with status:" + status);
+        }
+      });
+    }
+    if (!ok) {
+      response();
+    } else {
+      if (C_IDP_ENTITY_ID in qs) {
+        debug_alert('set idp to ' + qs[C_IDP_ENTITY_ID]);
+        response(qs[C_IDP_ENTITY_ID]);
+      } else {
+        response($.cookie(C_IDP_ENTITY_ID));
+      }
+    }
  </script>
 </body>
 </html>