riot-desktop open SSO in browser so user doesn't have to auth twice

2025-01-31 05:29:58 +01:00 · 2020-03-02 15:04:51 +00:00 · 2020-03-02 15:04:51 +00:00 · abe074e43e
commit abe074e43e
parent 40eec12b86
4 changed files with 28 additions and 14 deletions
--- a/build/entitlements.mac.plist
+++ b/build/entitlements.mac.plist
@ -24,5 +24,20 @@
    <true/>
    <key>com.apple.security.device.audio-input</key>
    <true/>
+
+    <!-- Entitlements to support the riot:// protocol handler -->
+    <key>CFBundleURLTypes</key>
+    <array>
+        <dict>
+            <key>CFBundleURLSchemes</key>
+            <array>
+                <string>riot</string>
+            </array>
+            <key>CFBundleURLName</key>
+            <string>riot-web</string>
+            <key>CFBundleTypeRole</key>
+            <string>None</string>
+        </dict>
+    </array>
 </dict>
 </plist>
--- a/package.json
+++ b/package.json
@ -103,6 +103,10 @@
    "directories": {
      "output": "dist"
    },
-    "afterSign": "scripts/electron_afterSign.js"
+    "afterSign": "scripts/electron_afterSign.js",
+    "protocols": [{
+      "name": "riot",
+      "schemes": ["riot"]
+    }]
  }
 }
--- a/src/electron-main.js
+++ b/src/electron-main.js
@ -35,6 +35,7 @@ const tray = require('./tray');
 const vectorMenu = require('./vectormenu');
 const webContentsHandler = require('./webcontents-handler');
 const updater = require('./updater');
+const protocolInit = require('./protocol');

 const windowStateKeeper = require('electron-window-state');
 const Store = require('electron-store');
@ -511,6 +512,9 @@ if (!gotLock) {
    app.exit();
 }

+// do this after we know we are the primary instance of the app
+protocolInit();
+
 // Register the scheme the app is served from as 'standard'
 // which allows things like relative URLs and IndexedDB to
 // work.
--- a/src/webcontents-handler.js
+++ b/src/webcontents-handler.js
@ -198,19 +198,10 @@ function onEditableContextMenu(ev, params) {

 module.exports = (webContents) => {
    webContents.on('new-window', onWindowOrNavigate);
-    // XXX: The below now does absolutely nothing because of
-    // https://github.com/electron/electron/issues/8841
-    // Whilst this isn't a security issue since without
-    // node integration and with the sandbox, it should be
-    // no worse than opening the site in Chrome, it obviously
-    // means the user has to restart Riot to make it usable
-    // again (often unintuitive because it minimises to the
-    // system tray). We therefore need to be vigilant about
-    // putting target="_blank" on links in Riot (although
-    // we should generally be doing this anyway since links
-    // navigating you away from Riot in the browser is
-    // also annoying).
-    webContents.on('will-navigate', onWindowOrNavigate);
+    webContents.on('will-navigate', (ev, target) => {
+        if (target.startsWith("vector://")) return;
+        return onWindowOrNavigate(ev, target);
+    });

    webContents.on('context-menu', function(ev, params) {
        if (params.linkURL || params.srcURL) {