meteor-oauth-short-state

Reduce meteor oauth package state size

2 years after

colder:oauth-short-state

The colder:oauth-short-state package reduce oauth state size ~50%. Useful for when your OAuth provider limit state size.

Example

Setup:

meteor add colder:oauth-short-state

Improvement:

The source code of OAuth._stateParam like this

OAuth._stateParam = function (loginStyle, credentialToken, redirectUrl) {
  var state = {
    loginStyle: loginStyle,
    credentialToken: credentialToken,
    isCordova: Meteor.isCordova
  };

  if (loginStyle === 'redirect')
    state.redirectUrl = redirectUrl || ('' + window.location);

  return Base64.encode(JSON.stringify(state));
};

A normal example return 198 bytes

> encodeURIComponent(Base64.encode(JSON.stringify({
    loginStyle: 'redirect',
    credentialToken: Random.secret(),
    isCordova: false,
    redirectUrl: 'http://www.example.com'
  }))).length
198

Here we can reduce size to 118 bytes by short keys length, remove falsy key, change string value to enum number.

> const loginStyles = ['popup', 'redirect']
> encodeURIComponent(Base64.encode(JSON.stringify({
    l: 1 // loginStyles.indexOf('redirect')
    t: Random.secret(),
    r: 'http://www.example.com'
  }))).length
118

If you use another token (e.g. Random.id()) replace Random.secret(). You will get a smaller result 80 bytes. This for oauth package developer.

> encodeURIComponent(Base64.encode(JSON.stringify({
    l: 2,
    t: Random.id(),
    r: 'http://www.example.com'
  }))).length
80