Merge pull request #25 from vectorize-io/updateNonce

Add nonces to the HTML creation so client side components can call it

Author: DK09876

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vectorize-io/vectorize-connect",
-  "version": "0.4.0",
+  "version": "0.4.1",
   "description": "A simple package for Google Drive authorization and file selection",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

src/baseOAuth/ui/picker.ts

@@ -213,7 +213,8 @@ export abstract class BasePicker {
     styles: string = '',
     head: string = '',
     body: string,
-    scripts: string
+    scripts: string,
+    nonce?: string
   ): string {
     return `
       <!DOCTYPE html>
@@ -283,7 +284,7 @@ export abstract class BasePicker {
             ${body}
           </div>
         </div>
-        <script>
+        <script${nonce ? ` nonce="${nonce}"` : ''}>
           ${scripts}
         </script>
       </body>

src/dropBoxOAuth/core/oauth.ts

@@ -91,7 +91,8 @@ export class DropboxOAuth extends BaseOAuth {
   public static override async createCallbackResponse(
     code: string,
     config: DropboxOAuthConfig,
-    error?: string | OAuthError
+    error?: string | OAuthError,
+    nonce?: string
   ): Promise<Response> {
     if (error) {
       const errorObj = typeof error === 'string' ? new OAuthError(error, 'CALLBACK_ERROR') : error;
@@ -107,8 +108,8 @@ export class DropboxOAuth extends BaseOAuth {
       );
 
       // Use the Dropbox picker template
-      const htmlContent = DropboxPicker.createPickerHTML(tokens, config, tokens.refresh_token);
-      
+      const htmlContent = DropboxPicker.createPickerHTML(tokens, config, tokens.refresh_token, undefined, nonce);
+
       return new Response(htmlContent, { headers: { 'Content-Type': 'text/html' } });
     } catch (error) {
       return this.createErrorResponse(

src/dropBoxOAuth/ui/picker.ts

@@ -16,10 +16,11 @@ export class DropboxPicker extends BasePicker {
    * @returns HTML string for the Dropbox picker interface
    */
   createPickerHTML(
-    tokens: OAuthResponse, 
-    config: DropboxOAuthConfig, 
-    refreshToken: string, 
-    preSelectedFiles?: Record<string, { name: string; mimeType: string }>
+    tokens: OAuthResponse,
+    config: DropboxOAuthConfig,
+    refreshToken: string,
+    preSelectedFiles?: Record<string, { name: string; mimeType: string }>,
+    nonce?: string
   ): string {
     const ui = this.getCommonUIElements();
 
@@ -218,20 +219,22 @@ export class DropboxPicker extends BasePicker {
         ${ui.fileListContainer}
         ${ui.submitButtonContainer}
       `,
-      dropboxScripts
+      dropboxScripts,
+      nonce
     );
   }
 
   /**
    * Create a static instance for backward compatibility
    */
   static createPickerHTML(
-    tokens: OAuthResponse, 
-    config: DropboxOAuthConfig, 
-    refreshToken: string, 
-    preSelectedFiles?: Record<string, { name: string; mimeType: string }>
+    tokens: OAuthResponse,
+    config: DropboxOAuthConfig,
+    refreshToken: string,
+    preSelectedFiles?: Record<string, { name: string; mimeType: string }>,
+    nonce?: string
   ): string {
     const picker = new DropboxPicker();
-    return picker.createPickerHTML(tokens, config, refreshToken, preSelectedFiles);
+    return picker.createPickerHTML(tokens, config, refreshToken, preSelectedFiles, nonce);
   }
 }

src/googleDriveOAuth/core/oauth.ts

@@ -96,7 +96,8 @@ export class GoogleDriveOAuth extends BaseOAuth {
   public static override async createCallbackResponse(
     code: string,
     config: GoogleDriveOAuthConfig,
-    error?: string | OAuthError
+    error?: string | OAuthError,
+    nonce?: string
   ): Promise<Response> {
     if (error) {
       const errorObj = typeof error === 'string' ? new OAuthError(error, 'CALLBACK_ERROR') : error;
@@ -112,8 +113,8 @@ export class GoogleDriveOAuth extends BaseOAuth {
       );
 
       // Use the Google Drive picker template
-      const htmlContent = GoogleDrivePicker.createPickerHTML(tokens, config, tokens.refresh_token);
-      
+      const htmlContent = GoogleDrivePicker.createPickerHTML(tokens, config, tokens.refresh_token, undefined, nonce);
+
       return new Response(htmlContent, { headers: { 'Content-Type': 'text/html' } });
     } catch (error) {
       return this.createErrorResponse(

src/googleDriveOAuth/ui/picker.ts

@@ -16,10 +16,11 @@ export class GoogleDrivePicker extends BasePicker {
    * @returns HTML string for the Google Drive picker interface
    */
   createPickerHTML(
-    tokens: OAuthResponse, 
-    config: GoogleDriveOAuthConfig, 
-    refreshToken: string, 
-    preSelectedFiles?: Record<string, { name: string; mimeType: string }>
+    tokens: OAuthResponse,
+    config: GoogleDriveOAuthConfig,
+    refreshToken: string,
+    preSelectedFiles?: Record<string, { name: string; mimeType: string }>,
+    nonce?: string
   ): string {
     const ui = this.getCommonUIElements();
 
@@ -155,20 +156,22 @@ export class GoogleDrivePicker extends BasePicker {
         ${ui.fileListContainer}
         ${ui.submitButtonContainer}
       `,
-      googleDriveScripts
+      googleDriveScripts,
+      nonce
     );
   }
 
   /**
    * Create a static instance for backward compatibility
    */
   static createPickerHTML(
-    tokens: OAuthResponse, 
-    config: GoogleDriveOAuthConfig, 
-    refreshToken: string, 
-    preSelectedFiles?: Record<string, { name: string; mimeType: string }>
+    tokens: OAuthResponse,
+    config: GoogleDriveOAuthConfig,
+    refreshToken: string,
+    preSelectedFiles?: Record<string, { name: string; mimeType: string }>,
+    nonce?: string
   ): string {
     const picker = new GoogleDrivePicker();
-    return picker.createPickerHTML(tokens, config, refreshToken, preSelectedFiles);
+    return picker.createPickerHTML(tokens, config, refreshToken, preSelectedFiles, nonce);
   }
 }

src/googleDriveOAuth/utils/validation.ts

@@ -1,11 +1,12 @@
-import { OAuthConfig, OAuthError, ConfigurationError } from '../types';
+import { OAuthError, ConfigurationError } from '../../baseOAuth/types';
+import { GoogleDriveOAuthConfig } from '../types';
 
 /**
  * Validates the OAuth configuration
  * @param config The OAuth configuration to validate
  * @throws ConfigurationError if the configuration is invalid
  */
-export function validateConfig(config: OAuthConfig): void {
+export function validateConfig(config: GoogleDriveOAuthConfig): void {
   if (!config.clientId) {
     throw new ConfigurationError('Client ID is required');
   }

src/notionOAuth/ui/picker.ts

@@ -19,7 +19,8 @@ export class NotionPicker {
     tokens: any,
     config: NotionOAuthConfig,
     accessToken: string,
-    existingSelection?: Record<string, { title: string; pageId: string; parentType?: string }>
+    existingSelection?: Record<string, { title: string; pageId: string; parentType?: string }>,
+    nonce?: string
   ): string {
     // Convert existing selection to JSON string for embedding in the HTML
     const existingSelectionStr = existingSelection 
@@ -412,7 +413,7 @@ export class NotionPicker {
         </div>
       </div>
       
-      <script>
+      <script${nonce ? ` nonce="${nonce}"` : ''}>
         // Store selected items
         const selectedItems = ${existingSelectionStr};
         let dataLoaded = false;