File |
Mutation score |
# Killed |
# Survived |
# Timeout |
# No coverage |
# Errors |
Total detected |
Total undetected |
Total mutants |
|
---|---|---|---|---|---|---|---|---|---|---|
OAuthController.js |
|
13/17 | 13 | 4 | 0 | 0 | 0 | 13 | 4 | 17 |
angular.module('juiceShop').controller('OAuthController', 0[][
'$window',
'$location',
'$cookies',
'$base64',
'UserService',
function ($window, $location, $cookies, $base64, userService) 1{
}{
'use strict'
userService.oauthLogin(parseRedirectUrlParams()['access_token']).then(function (profile) 2{
}{
userService.save({email: profile.email, password: $base64.encode(profile.email)}).then(function () 3{
}{
login(profile)
}).catch(function () 4{
}{ // eslint-disable-line handle-callback-err
login(profile)
})
}).catch(function (error) 5{
}{
invalidateSession(error)
$location.path('/login')
})
function login (profile) 6{
}{
userService.login({ email: profile.email, password: $base64.encode(profile.email), oauth: 7falsetrue }).then(function (authentication) 8{
}{
$cookies.put('token', authentication.token)
$window.sessionStorage.bid = authentication.bid
$location.path('/')
}).catch(function (error) 9{
}{
invalidateSession(error)
$location.path('/login')
})
}
function invalidateSession (error) 10{
}{
console.log(error)
$cookies.remove('token')
delete $window.sessionStorage.bid
}
/**
* Only the 'access_token' parameter is needed. This function only extracts all parameters to have some realistic
* parsing logic in the minified Javascript. This "noise code" is supposed to make analyzing the mechanism harder
* for the attacker.
*/
function parseRedirectUrlParams () 11{
}{
var hash = $location.path().substr(1)
var splitted = hash.split('&')
var params = {}
for (var i = 0; 12false13i <= splitted.length14i >= splitted.lengthi < splitted.length; 15i--i++) 16{
}{
var param = splitted[ i ].split('=')
var key = param[ 0 ]
params[ key ] = param[ 1 ]
}
return params
}
}])