Work on the server to handle the new structure

service/esiAccess.py

@@ -17,6 +17,7 @@ import config
 import base64
 import secrets
 import hashlib
+import json
 
 import datetime
 from service.const import EsiSsoMode, EsiEndpoints
@@ -138,21 +139,23 @@ class EsiAccess:
             m.update(code_verifier)
             d = m.digest()
             code_challenge = base64.urlsafe_b64encode(d).decode().replace("=", "")
-
+            state_arg = {
+                'mode': self.settings.get('loginMode'),
+                'redirect': redirect,
+                'state': self.state
+            }
             args = {
                 # 'pyfa_version': config.version,
                 # 'login_method': self.settings.get('loginMode'), # todo: encode this into the state
                 # 'client_hash': config.getClientSecret(),
                 'response_type': 'code',
-                'redirect_uri': 'http://localhost:6465',
+                'redirect_uri': 'http://127.0.0.1:5500/callback.html',
                 'client_id': '095d8cd841ac40b581330919b49fe746', # pyfa PKCE app # TODO: move this to some central config location, not hardcoded
                 'scope': ' '.join(scopes),
                 'code_challenge': code_challenge,
                 'code_challenge_method':  'S256',
-                'state': self.state,
+                'state': base64.b64encode(bytes(json.dumps(state_arg), 'utf-8'))
             }
-            if redirect is not None:
-                args['redirect'] = redirect
 
             return '%s?%s' % (
                 self.oauth_authorize,

service/server.py

@@ -4,7 +4,7 @@ import socket
 import threading
 from logbook import Logger
 import socketserver
-
+import json
 pyfalog = Logger(__name__)
 
 # noinspection PyPep8
@@ -69,38 +69,35 @@ if (window.location.href.indexOf('step=2') == -1) {{
 
 # https://github.com/fuzzysteve/CREST-Market-Downloader/
 class AuthHandler(http.server.BaseHTTPRequestHandler):
+    def do_OPTIONS(self):
+        self.send_response(200)
+        self.send_header('Access-Control-Allow-Origin', '*')
+        self.end_headers()
+
     def do_GET(self):
         if self.path == "/favicon.ico":
             return
 
         parsed_path = urllib.parse.urlparse(self.path)
         parts = urllib.parse.parse_qs(parsed_path.query)
-        msg = ""
-
-        step2 = 'step' in parts
-
+        is_success = False
         try:
-            if step2:
-                self.server.callback(parts)
-                pyfalog.info("Successfully logged into EVE.")
-                msg = "If you see this message then it means you should be logged into EVE SSO. You may close this window and return to the application."
-            else:
-                # For implicit mode, we have to serve up the page which will take the hash and redirect using a querystring
-                pyfalog.info("Processing response from EVE Online.")
-                msg = "Processing response from EVE Online"
+            self.server.callback(parts)
+            pyfalog.info("Successfully logged into EVE.")
+            is_success = True
+            self.send_response(200)
         except (KeyboardInterrupt, SystemExit):
             raise
         except Exception as ex:
             pyfalog.error("Error logging into EVE")
             pyfalog.error(ex)
-            msg = "<h2>Error</h2>\n<p>{}</p>".format(ex.message)
+            self.send_response(500)
+            # send error
         finally:
-            self.send_response(200)
+            self.send_header('Access-Control-Allow-Origin', '*')
             self.end_headers()
-            self.wfile.write(str.encode(HTML.format(msg)))
 
-        if step2:
-            # Only stop once if we've received something in the querystring
+        if is_success:
             self.server.stop()
 
     def log_message(self, format, *args):