author | John Molakvoæ <skjnldsv@users.noreply.github.com> | 2018-11-29 11:15:35 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-11-29 11:15:35 +0100 |
commit | 9f64149a38f1cd5f3942dd19720e335911d04f46 (patch) | |
tree | b7784dc177161bb35b6f1a6d7da3edd3d022aa60 | |
parent | 68f04686a06f8d5e468aa53a51ec25602d1cd4f5 (diff) | |
parent | 6734e871717d0008b71b8b969878363c14be87c4 (diff) | |
download | nextcloud-server-9f64149a38f1cd5f3942dd19720e335911d04f46.tar.gz nextcloud-server-9f64149a38f1cd5f3942dd19720e335911d04f46.zip |
Merge pull request #12710 from nextcloud/remove-old-submit-button
Remove old button to submit the apppassword login
-rw-r--r-- | core/Controller/ClientFlowLoginController.php | 28 | ||||
-rw-r--r-- | core/js/login/grant.js | 9 | ||||
-rw-r--r-- | core/js/login/redirect.js | 3 | ||||
-rw-r--r-- | core/routes.php | 1 | ||||
-rw-r--r-- | core/templates/loginflow/grant.php | 15 | ||||
-rw-r--r-- | core/templates/loginflow/redirect.php | 39 | ||||
-rw-r--r-- | tests/Core/Controller/ClientFlowLoginControllerTest.php | 64 |
7 files changed, 20 insertions, 139 deletions
diff --git a/core/Controller/ClientFlowLoginController.php b/core/Controller/ClientFlowLoginController.php
index 2e8216c2ba5..83bd9faa6c7 100644
--- a/core/Controller/ClientFlowLoginController.php
+++ b/core/Controller/ClientFlowLoginController.php
@@ -244,34 +244,6 @@ class ClientFlowLoginController extends Controller {
 /**
 * @NoAdminRequired
- * @NoCSRFRequired
- * @UseSession
- *
- * @param string $stateToken
- * @param string $clientIdentifier
- * @return TemplateResponse
- */
- public function redirectPage($stateToken = '',
- $clientIdentifier = '') {
- if(!$this->isValidToken($stateToken)) {
- return $this->stateTokenForbiddenResponse();
- }
-
- return new TemplateResponse(
- $this->appName,
- 'loginflow/redirect',
- [
- 'urlGenerator' => $this->urlGenerator,
- 'stateToken' => $stateToken,
- 'clientIdentifier' => $clientIdentifier,
- 'oauthState' => $this->session->get('oauth.state'),
- ],
- 'guest'
- );
- }
-
- /**
- * @NoAdminRequired
 * @UseSession
 *
 * @param string $stateToken
diff --git a/core/js/login/grant.js b/core/js/login/grant.js
new file mode 100644
index 00000000000..c3c3371b17e
--- /dev/null
+++ b/core/js/login/grant.js
@@ -0,0 +1,9 @@
+jQuery(document).ready(function() {
+ $('#submit').click(function (e) {
+ $('#submit + .submit-icon')
+ .removeClass('icon-confirm-white')
+ .addClass(OCA.Theming && OCA.Theming.inverted
+ ? 'icon-loading-small'
+ : 'icon-loading-small-dark');
+ })
+})
\ No newline at end of file
diff --git a/core/js/login/redirect.js b/core/js/login/redirect.js
deleted file mode 100644
index ea214feab2d..00000000000
--- a/core/js/login/redirect.js
+++ /dev/null
@@ -1,3 +0,0 @@
-jQuery(document).ready(function() {
- $('#submit-redirect-form').trigger('click');
-});
diff --git a/core/routes.php b/core/routes.php
index 88f919bdd2f..c33fc6487f2 100644
--- a/core/routes.php
+++ b/core/routes.php
@@ -52,7 +52,6 @@ $application->registerRoutes($this, [
 ['name' => 'login#showLoginForm', 'url' => '/login', 'verb' => 'GET'],
 ['name' => 'login#logout', 'url' => '/logout', 'verb' => 'GET'],
 ['name' => 'ClientFlowLogin#showAuthPickerPage', 'url' => '/login/flow', 'verb' => 'GET'],
- ['name' => 'ClientFlowLogin#redirectPage', 'url' => '/login/flow/redirect', 'verb' => 'GET'],
 ['name' => 'ClientFlowLogin#generateAppPassword', 'url' => '/login/flow', 'verb' => 'POST'],
 ['name' => 'ClientFlowLogin#grantPage', 'url' => '/login/flow/grant', 'verb' => 'GET'],
 ['name' => 'TwoFactorChallenge#selectChallenge', 'url' => '/login/selectchallenge', 'verb' => 'GET'],
diff --git a/core/templates/loginflow/grant.php b/core/templates/loginflow/grant.php
index a03b31f762c..017bb1f23cf 100644
--- a/core/templates/loginflow/grant.php
+++ b/core/templates/loginflow/grant.php
@@ -19,7 +19,7 @@
 *
 */
-script('core', 'login/authpicker');
+script('core', 'login/grant');
 style('core', 'login/authpicker');
 /** @var array $_ */
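Review bot: In `core/js/login/grant.js` the click handler on `#submit` only swaps the icon class and leaves the button enabled, so a second click while the POST is in flight submits the grant form again; whether the server rejects the repeat depends on `generateAppPassword`, which this hunk does not show. Listening for the form's `submit` event and disabling the button there, e.g. `$('#submit').closest('form').on('submit', function () { $('#submit').prop('disabled', true); });`, keeps the spinner and blocks the repeat. The parameter `e` is unused, both closing `})` lack a semicolon, and the file ends without a newline.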
@@ -39,8 +39,15 @@ $urlGenerator = $_['urlGenerator'];
 <br/>
 <p id="redirect-link">
- <a href="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLogin.redirectPage', ['stateToken' => $_['stateToken'], 'clientIdentifier' => $_['clientIdentifier'], 'oauthState' => $_['oauthState']])) ?>">
- <input type="submit" class="login primary icon-confirm-white" value="<?php p($l->t('Grant access')) ?>">
- </a>
+ <form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLogin.generateAppPassword')) ?>">
+ <input type="hidden" name="clientIdentifier" value="<?php p($_['clientIdentifier']) ?>" />
+ <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" />
+ <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" />
+ <input type="hidden" name="oauthState" value="<?php p($_['oauthState']) ?>" />
+ <div id="submit-wrapper">
+ <input type="submit" id="submit" class="login primary" title="" value="<?php p($l->t('Grant access')); ?>" />
+ <div class="submit-icon icon-confirm-white"></div>
+ </div>
+ </form>
 </p>
 </div>
diff --git a/core/templates/loginflow/redirect.php b/core/templates/loginflow/redirect.php
deleted file mode 100644
index 8bad9760fda..00000000000
--- a/core/templates/loginflow/redirect.php
+++ /dev/null
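Review bot: In the second hunk of `core/templates/loginflow/grant.php` the new `<form>` and its `<div id="submit-wrapper">` sit inside `<p id="redirect-link">`, which HTML does not permit: the parser closes the paragraph before the form, leaving `#redirect-link` empty and the trailing `</p>` as a stray tag. Changing the wrapper to `<div id="redirect-link">` … `</div>` keeps the id and yields valid markup. The empty `title=""` on the submit input can be dropped. Because this form is now the only consent step before `generateAppPassword` is called, it is also worth confirming that `grantPage` (outside this hunk) still passes `oauthState` to the template and that the page cannot be framed by another origin.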
@@ -1,39 +0,0 @@
-<?php
-/**
- * @copyright Copyright (c) 2017 Lukas Reschke <lukas@statuscode.ch>
- *
- * @license GNU AGPL version 3 or any later version
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- */
-script('core', 'login/redirect');
-style('core', 'login/authpicker');
-
-/** @var array $_ */
-/** @var \OCP\IURLGenerator $urlGenerator */
-$urlGenerator = $_['urlGenerator'];
-?>
-
-<div class="picker-window">
- <p><?php p($l->t('Redirecting …')) ?></p>
-</div>
-
-<form method="POST" action="<?php p($urlGenerator->linkToRouteAbsolute('core.ClientFlowLogin.generateAppPassword')) ?>">
- <input type="hidden" name="clientIdentifier" value="<?php p($_['clientIdentifier']) ?>" />
- <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" />
- <input type="hidden" name="stateToken" value="<?php p($_['stateToken']) ?>" />
- <input type="hidden" name="oauthState" value="<?php p($_['oauthState']) ?>" />
- <input id="submit-redirect-form" type="submit" class="hidden "/>
-</form>
diff --git a/tests/Core/Controller/ClientFlowLoginControllerTest.php b/tests/Core/Controller/ClientFlowLoginControllerTest.php
index b54897ddc44..ba9caabd0b0 100644
--- a/tests/Core/Controller/ClientFlowLoginControllerTest.php
+++ b/tests/Core/Controller/ClientFlowLoginControllerTest.php
@@ -242,70 +242,6 @@ class ClientFlowLoginControllerTest extends TestCase {
 $this->assertEquals($expected, $this->clientFlowLoginController->showAuthPickerPage('MyClientIdentifier'));
 }
- public function testRedirectPageWithInvalidToken() {
- $this->session
- ->expects($this->once())
- ->method('get')
- ->with('client.flow.state.token')
- ->willReturn('OtherToken');
-
- $expected = new TemplateResponse(
- 'core',
- '403',
- [
- 'file' => 'State token does not match',
- ],
- 'guest'
- );
- $expected->setStatus(Http::STATUS_FORBIDDEN);
- $this->assertEquals($expected, $this->clientFlowLoginController->redirectPage('MyStateToken'));
- }
-
- public function testRedirectPageWithoutToken() {
- $this->session
- ->expects($this->once())
- ->method('get')
- ->with('client.flow.state.token')
- ->willReturn(null);
-
- $expected = new TemplateResponse(
- 'core',
- '403',
- [
- 'file' => 'State token does not match',
- ],
- 'guest'
- );
- $expected->setStatus(Http::STATUS_FORBIDDEN);
- $this->assertEquals($expected, $this->clientFlowLoginController->redirectPage('MyStateToken'));
- }
-
- public function testRedirectPage() {
- $this->session
- ->expects($this->at(0))
- ->method('get')
- ->with('client.flow.state.token')
- ->willReturn('MyStateToken');
- $this->session
- ->expects($this->at(1))
- ->method('get')
- ->with('oauth.state')
- ->willReturn('MyOauthStateToken');
-
- $expected = new TemplateResponse(
- 'core',
- 'loginflow/redirect',
- [
- 'urlGenerator' => $this->urlGenerator,
- 'stateToken' => 'MyStateToken',
- 'clientIdentifier' => 'Identifier',
- 'oauthState' => 'MyOauthStateToken',
- ],
- 'guest'
- );
- $this->assertEquals($expected, $this->clientFlowLoginController->redirectPage('MyStateToken', 'Identifier'));
- }
-
 public function testGenerateAppPasswordWithInvalidToken() {
 $this->session
 ->expects($this->once()) |