Skip to content

cncolder/meteor-oauth-short-state

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
.editorconfig
.editorconfig
 
 
.versions
.versions
 
 
README.md
README.md
 
 
client.js
client.js
 
 
common.js
common.js
 
 
package.js
package.js
 
 
server.js
server.js
 
 
tests.js
tests.js
 
 

Repository files navigation

colder:oauth-short-state

The colder:oauth-short-state package reduce oauth state size ~50%. Useful for when your OAuth provider limit state size.

Example

Setup:

meteor add colder:oauth-short-state

Improvement:

The source code of OAuth._stateParam like this

OAuth._stateParam = function (loginStyle, credentialToken, redirectUrl) {
  var state = {
    loginStyle: loginStyle,
    credentialToken: credentialToken,
    isCordova: Meteor.isCordova
  };

  if (loginStyle === 'redirect')
    state.redirectUrl = redirectUrl || ('' + window.location);

  return Base64.encode(JSON.stringify(state));
};

A normal example return 198 bytes

> encodeURIComponent(Base64.encode(JSON.stringify({
    loginStyle: 'redirect',
    credentialToken: Random.secret(),
    isCordova: false,
    redirectUrl: 'http://www.example.com'
  }))).length
198

Here we can reduce size to 118 bytes by short keys length, remove falsy key, change string value to enum number.

> const loginStyles = ['popup', 'redirect']
> encodeURIComponent(Base64.encode(JSON.stringify({
    l: 1 // loginStyles.indexOf('redirect')
    t: Random.secret(),
    r: 'http://www.example.com'
  }))).length
118

If you use another token (e.g. Random.id()) replace Random.secret(). You will get a smaller result 80 bytes. This for oauth package developer.

> encodeURIComponent(Base64.encode(JSON.stringify({
    l: 2,
    t: Random.id(),
    r: 'http://www.example.com'
  }))).length
80

About

Reduce meteor oauth package state size

Topics

meteor meteor-package meteorjs atmospherejs

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages