fix: update in-page login oauth uri (#175)

* fix: update in-page-login oauth uri

* update version in package

* update docs

Author: embbnux

docs/sso-login-mode.md

@@ -11,9 +11,9 @@ RingCentral Embeddable is a whole front-end application, it doesn't need backend
 
 Firstly, developer should implement the OAuth authorization code flow in own web server. When user goes to developer's website, it should show a ringcentral login button in web page to allow user to login with his RingCentral account to connect RingCentral services. So server can get the RingCentral API token and save it in backend connecting current login user.
 
-## Inject RingCentral Embeddable with sso mode
+## Inject RingCentral Embeddable with in-page mode
 
-After user logins success by developer's authorization code flow, developer should inject the widget with sso mode and pass same `appKey` to the widget as previous authorization code flow.
+After user logins success by developer's authorization code flow, developer should inject the widget with in-page mode and pass same `appKey` to the widget as previous authorization code flow.
 
 ### Use adapter way:
 
@@ -35,4 +35,4 @@ After user logins success by developer's authorization code flow, developer shou
 </iframe>
 ```
 
-With auth sso mode, the widget will use implicit flow and it will redirect to RingCentral OAuth uri if the widget haven't been logined. Because user have logined in previous flow, RingCentral OAuth server will redirect back to the widget with access token. So the widget will be logined without filling password again.
+With auth In-page mode, the widget will use **implicit flow** and it will redirect to RingCentral OAuth uri if the widget haven't been logined. Because user have logined in previous flow, RingCentral OAuth server will redirect back to the widget with access token. So the widget will be logined without filling password again.

package.json

@@ -1,6 +1,6 @@
 {
   "name": "ringcentral-embeddable",
-  "version": "0.0.1",
+  "version": "0.1.3",
   "description": "A RingCentral Embeddable Widget Application",
   "main": "index.js",
   "license": "MIT",

src/modules/OAuth/index.js

@@ -36,7 +36,7 @@ export default class OAuth extends ProxyFrameOAuth {
   _createSSOIframe() {
     this._clearSSOIframe();
     this._ssoFrame = document.createElement('iframe');
-    this._ssoFrame.src = this.oAuthUri;
+    this._ssoFrame.src = this.implictRefreshOAuthUri;
     this._ssoFrame.name = 'SSOIframe';
     this._ssoFrame.style.zIndex = 100;
     this._ssoFrame.style.display = 'block';
@@ -87,11 +87,18 @@ export default class OAuth extends ProxyFrameOAuth {
       switch (error.message) {
         case 'invalid_request':
         case 'unauthorized_client':
-        case 'access_denied':
         case 'unsupported_response_type':
         case 'invalid_scope':
           message = authMessages.accessDenied;
           break;
+        case 'access_denied': {
+          if (this.authMode === 'sso' && this._ssoFrame) {
+            this._clearSSOIframe();
+          } else {
+            message = authMessages.accessDenied;
+          }
+          break;
+        }
         case 'server_error':
         case 'temporarily_unavailable':
         default: