From 54e9c64d7b5c24b8b9f29fbfaff6a1303fe17e95 Mon Sep 17 00:00:00 2001
From: Ben Thompson <ben@xtuple.com>
Date: Mon, 9 Jun 2014 13:04:53 -0400
Subject: [PATCH] Fix OAuth2 pk12 key download prompt.

---
 .../source/oauth2/client/models/oauth2.js     | 33 +++++++++++++++++--
 node-datasource/routes/generate_oauth_key.js  |  2 +-
 2 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/enyo-client/extensions/source/oauth2/client/models/oauth2.js b/enyo-client/extensions/source/oauth2/client/models/oauth2.js
index 3b2fe3c94..11cd7fd13 100644
--- a/enyo-client/extensions/source/oauth2/client/models/oauth2.js
+++ b/enyo-client/extensions/source/oauth2/client/models/oauth2.js
@@ -64,9 +64,36 @@ white:true*/
 
         options.success = function (model, resp, options) {
           if (status === XM.Model.READY_NEW && that.get("clientType") === 'jwt bearer') {
-            // download the private key
-            window.open(XT.getOrganizationPath() + '/oauth/generate-key?id=' + that.id,
-              '_newtab');
+            // Download the private key.
+
+            // The javascript download method avoids target = "_blank" and the need to
+            // reload the app to see the new client. Pop up blockers should not be an issue.
+            // @See: http://stackoverflow.com/questions/3749231/download-file-using-javascript-jquery/3749395#3749395
+            var downloadURL = function downloadURL(url) {
+              var hiddenIFrameID = 'hiddenDownloader',
+                iframe = document.getElementById(hiddenIFrameID);
+
+              if (iframe === null) {
+                iframe = document.createElement('iframe');
+                iframe.id = hiddenIFrameID;
+                iframe.style.display = 'none';
+                document.body.appendChild(iframe);
+              }
+
+              iframe.src = url;
+            };
+
+            downloadURL(XT.getOrganizationPath() + '/oauth/generate-key?id=' + that.id);
+
+            // This prompts for the download without using target = "_blank" and a new tab.
+            // It should avoid pop up blockers from preventing the download. It does warn about
+            // leaving the page, but it returns right back to the original path without needing to
+            // reload the app. Downside... it requires reloading the app to see the client just added.
+            //window.location.assign(XT.getOrganizationPath() + '/oauth/generate-key?id=' + that.id);
+
+            // This opens the download in a new tab and causes pop up blockers to block this action.
+            //window.open(XT.getOrganizationPath() + '/oauth/generate-key?id=' + that.id,
+            //  '_newtab');
           }
 
           if (success) { success(model, resp, options); }
diff --git a/node-datasource/routes/generate_oauth_key.js b/node-datasource/routes/generate_oauth_key.js
index 31bdba3ad..44ad1a5b8 100644
--- a/node-datasource/routes/generate_oauth_key.js
+++ b/node-datasource/routes/generate_oauth_key.js
@@ -28,7 +28,7 @@ regexp:true, undef:true, strict:true, trailing:true, white:true */
         res.send({isError: true, error: err});
       },
       convertToP12 = function (publicKey, privateKey) {
-        var filenamePrefix = path.join(process.cwd(), "lib/private/temp_" + id),
+        var filenamePrefix = path.join("/tmp/temp_" + id),
           publicKeyFilename = filenamePrefix + "_public_key.pem",
           csrFilename = filenamePrefix + "_csr.pem",
           certFilename = filenamePrefix + "_cert.pem",
-- 
2.39.2