in amplify/backend/function/amplifyIdentityBrokerAuthorize/src/index.js [239:277]
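/**
 * Handle an implicit-flow authorize request.
 *
 * Checks that client_id and redirect_uri are present and accepted by
 * verifyClient, then either redirects straight back to the client with the
 * id_token found in the request cookies, or redirects to the login page.
 *
 * @param {object} event - Request event; `queryStringParameters` and `headers` are read.
 * @returns {Promise<object>} Response object: 400 with a JSON body when the
 *   parameters are missing or the client is rejected, otherwise 302 with a
 *   `Location` header.
 */
async function handleImplicit(event) {
    // queryStringParameters may be absent/null when the request carries no
    // query string; treat that as "parameters missing" instead of throwing.
    const query = event.queryStringParameters || {};
    const client_id = query.client_id;
    const redirect_uri = query.redirect_uri;

    if (client_id === undefined || redirect_uri === undefined) {
        return {
            statusCode: 400,
            body: JSON.stringify("Required parameters are missing"),
        };
    }

    // Verify client and redirect_uri against clients table
    const validClient = await verifyClient(client_id, redirect_uri);
    if (!validClient) {
        return {
            statusCode: 400,
            body: JSON.stringify("Invalid Client"),
        };
    }

    const cookies = await getCookiesFromHeader(event.headers);

    if (cookies.id_token) {
        // An id_token cookie already exists, so it can be returned directly.
        //
        // NOTE(review): nothing in this function checks the cookie's token
        // (signature, expiry, intended audience) before forwarding it to the
        // client. Confirm that validation happens elsewhere.
        //
        // NOTE(review): the token is delivered in the query string, which is
        // recorded in browser history, access logs and Referer headers. The
        // OAuth 2.0 implicit grant returns tokens in the URI fragment instead.
        // Left as-is because clients depend on the current format.
        //
        // The cookie value is request-controlled, so it is percent-encoded
        // before it goes into the Location header; a well-formed JWT contains
        // only unreserved characters and is unchanged by this.
        return {
            statusCode: 302,
            headers: {
                Location: redirect_uri + '/?id_token=' + encodeURIComponent(cookies.id_token) + insertStateIfAny(event),
            }
        };
    }

    // No token yet: redirect to the login page.
    // Values are percent-encoded so that a redirect_uri containing '?', '&' or
    // '#' cannot alter or add parameters of the login URL.
    // NOTE(review): assumes the login page decodes its query string with a
    // standard parser — confirm.
    return {
        statusCode: 302,
        headers: {
            Location: '/?client_id=' + encodeURIComponent(client_id) +
                '&redirect_uri=' + encodeURIComponent(redirect_uri) +
                insertStateIfAny(event),
        }
    };
}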