server_two_providers_idtoken.sjs (1497B)
1 /* Any copyright is dedicated to the Public Domain. 2 * http://creativecommons.org/publicdomain/zero/1.0/ 3 */ 4 5 const BinaryInputStream = Components.Constructor( 6 "@mozilla.org/binaryinputstream;1", 7 "nsIBinaryInputStream", 8 "setInputStream" 9 ); 10 11 function readStream(inputStream) { 12 let available = 0; 13 let result = []; 14 while ((available = inputStream.available()) > 0) { 15 result.push(inputStream.readBytes(available)); 16 } 17 return result.join(""); 18 } 19 20 function handleRequest(request, response) { 21 if (request.method != "POST") { 22 response.setStatusLine(request.httpVersion, 405, "Method Not Allowed"); 23 return; 24 } 25 if ( 26 !request.hasHeader("Cookie") || 27 request.getHeader("Cookie") != "credential=authcookieval" 28 ) { 29 response.setStatusLine(request.httpVersion, 400, "Bad Request"); 30 return; 31 } 32 if ( 33 !request.hasHeader("Origin") || 34 request.getHeader("Origin") != "https://example.com" 35 ) { 36 response.setStatusLine(request.httpVersion, 400, "Bad Request"); 37 return; 38 } 39 40 response.setHeader("Access-Control-Allow-Origin", "https://example.com"); 41 response.setHeader("Access-Control-Allow-Credentials", "true"); 42 response.setHeader("Content-Type", "application/json"); 43 let requestContent = readStream( 44 new BinaryInputStream(request.bodyInputStream) 45 ); 46 let responseContent = { 47 token: requestContent, 48 }; 49 let body = JSON.stringify(responseContent); 50 response.setStatusLine(request.httpVersion, 200, "OK"); 51 response.write(body); 52 }