server/lib/oauth-model.js

   1 const mongoose = require('mongoose')
   2
   3 const logger = require('../helpers/logger')
   4
   5 const OAuthClient = mongoose.model('OAuthClient')
   6 const OAuthToken = mongoose.model('OAuthToken')
   7 const User = mongoose.model('User')
   8
   9 // See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications
  10 const OAuthModel = {
  11   getAccessToken: getAccessToken,
  12   getClient: getClient,
  13   getRefreshToken: getRefreshToken,
  14   getUser: getUser,
  15   revokeToken: revokeToken,
  16   saveToken: saveToken
  17 }
  18
  19 // ---------------------------------------------------------------------------
  20
  21 function getAccessToken (bearerToken) {
  22   logger.debug('Getting access token (bearerToken: ' + bearerToken + ').')
  23
  24   return OAuthToken.getByTokenAndPopulateUser(bearerToken)
  25 }
  26
  27 function getClient (clientId, clientSecret) {
  28   logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')
  29
  30   // TODO req validator
  31   const mongoId = new mongoose.mongo.ObjectID(clientId)
  32   return OAuthClient.getByIdAndSecret(mongoId, clientSecret)
  33 }
  34
  35 function getRefreshToken (refreshToken, callback) {
  36   logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').')
  37
  38   return OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken)
  39 }
  40
  41 function getUser (username, password) {
  42   logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')
  43
  44   return User.getByUsernameAndPassword(username, password)
  45 }
  46
  47 function revokeToken (token) {
  48   return OAuthToken.getByRefreshToken(token.refreshToken).then(function (tokenDB) {
  49     if (tokenDB) tokenDB.remove()
  50
  51     /*
  52       * Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js
  53       * "As per the discussion we need set older date
  54       * revokeToken will expected return a boolean in future version
  55       * https://github.com/oauthjs/node-oauth2-server/pull/274
  56       * https://github.com/oauthjs/node-oauth2-server/issues/290"
  57     */
  58     const expiredToken = tokenDB
  59     expiredToken.refreshTokenExpiresAt = new Date('2015-05-28T06:59:53.000Z')
  60     return expiredToken
  61   })
  62 }
  63
  64 function saveToken (token, client, user) {
  65   logger.debug('Saving token for client ' + client.id + ' and user ' + user.id + '.')
  66
  67   const tokenObj = new OAuthToken({
  68     accessToken: token.accessToken,
  69     accessTokenExpiresAt: token.accessTokenExpiresAt,
  70     client: client.id,
  71     refreshToken: token.refreshToken,
  72     refreshTokenExpiresAt: token.refreshTokenExpiresAt,
  73     user: user.id
  74   })
  75
  76   return tokenObj.save(function (err, tokenCreated) {
  77     if (err) throw err // node-oauth2-server library uses Promise.try
  78
  79     tokenCreated.client = client
  80     tokenCreated.user = user
  81
  82     return tokenCreated
  83   })
  84 }
  85
  86 // ---------------------------------------------------------------------------
  87
  88 module.exports = OAuthModel