server/lib/oauth-model.ts

   1 import { database as db } from '../initializers/database'
   2 import { logger } from '../helpers'
   3
   4 // ---------------------------------------------------------------------------
   5
   6 function getAccessToken (bearerToken) {
   7   logger.debug('Getting access token (bearerToken: ' + bearerToken + ').')
   8
   9   return db.OAuthToken.getByTokenAndPopulateUser(bearerToken)
  10 }
  11
  12 function getClient (clientId, clientSecret) {
  13   logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')
  14
  15   return db.OAuthClient.getByIdAndSecret(clientId, clientSecret)
  16 }
  17
  18 function getRefreshToken (refreshToken) {
  19   logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').')
  20
  21   return db.OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken)
  22 }
  23
  24 function getUser (username, password) {
  25   logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')
  26
  27   return db.User.getByUsername(username).then(function (user) {
  28     if (!user) return null
  29
  30     // We need to return a promise
  31     return new Promise(function (resolve, reject) {
  32       return user.isPasswordMatch(password, function (err, isPasswordMatch) {
  33         if (err) return reject(err)
  34
  35         if (isPasswordMatch === true) {
  36           return resolve(user)
  37         }
  38
  39         return resolve(null)
  40       })
  41     })
  42   })
  43 }
  44
  45 function revokeToken (token) {
  46   return db.OAuthToken.getByRefreshTokenAndPopulateUser(token.refreshToken).then(function (tokenDB) {
  47     if (tokenDB) tokenDB.destroy()
  48
  49     /*
  50       * Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js
  51       * "As per the discussion we need set older date
  52       * revokeToken will expected return a boolean in future version
  53       * https://github.com/oauthjs/node-oauth2-server/pull/274
  54       * https://github.com/oauthjs/node-oauth2-server/issues/290"
  55     */
  56     const expiredToken = tokenDB
  57     expiredToken.refreshTokenExpiresAt = new Date('2015-05-28T06:59:53.000Z')
  58
  59     return expiredToken
  60   })
  61 }
  62
  63 function saveToken (token, client, user) {
  64   logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.')
  65
  66   const tokenToCreate = {
  67     accessToken: token.accessToken,
  68     accessTokenExpiresAt: token.accessTokenExpiresAt,
  69     refreshToken: token.refreshToken,
  70     refreshTokenExpiresAt: token.refreshTokenExpiresAt,
  71     oAuthClientId: client.id,
  72     userId: user.id
  73   }
  74
  75   return db.OAuthToken.create(tokenToCreate).then(function (tokenCreated: any) {
  76     tokenCreated.client = client
  77     tokenCreated.user = user
  78
  79     return tokenCreated
  80   }).catch(function (err) {
  81     throw err
  82   })
  83 }
  84
  85 // ---------------------------------------------------------------------------
  86
  87 // See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications
  88 export {
  89   getAccessToken,
  90   getClient,
  91   getRefreshToken,
  92   getUser,
  93   revokeToken,
  94   saveToken
  95 }