diff options
Diffstat (limited to 'server/lib/oauth-model.js')
| -rw-r--r-- | server/lib/oauth-model.js | 32 |
1 files changed, 13 insertions, 19 deletions
diff --git a/server/lib/oauth-model.js b/server/lib/oauth-model.js index d011c4b72..1c12f1b14 100644 --- a/server/lib/oauth-model.js +++ b/server/lib/oauth-model.js | |||
| @@ -1,11 +1,6 @@ | |||
| 1 | const mongoose = require('mongoose') | 1 | const db = require('../initializers/database') |
| 2 | |||
| 3 | const logger = require('../helpers/logger') | 2 | const logger = require('../helpers/logger') |
| 4 | 3 | ||
| 5 | const OAuthClient = mongoose.model('OAuthClient') | ||
| 6 | const OAuthToken = mongoose.model('OAuthToken') | ||
| 7 | const User = mongoose.model('User') | ||
| 8 | |||
| 9 | // See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications | 4 | // See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications |
| 10 | const OAuthModel = { | 5 | const OAuthModel = { |
| 11 | getAccessToken, | 6 | getAccessToken, |
| @@ -21,27 +16,25 @@ const OAuthModel = { | |||
| 21 | function getAccessToken (bearerToken) { | 16 | function getAccessToken (bearerToken) { |
| 22 | logger.debug('Getting access token (bearerToken: ' + bearerToken + ').') | 17 | logger.debug('Getting access token (bearerToken: ' + bearerToken + ').') |
| 23 | 18 | ||
| 24 | return OAuthToken.getByTokenAndPopulateUser(bearerToken) | 19 | return db.OAuthToken.getByTokenAndPopulateUser(bearerToken) |
| 25 | } | 20 | } |
| 26 | 21 | ||
| 27 | function getClient (clientId, clientSecret) { | 22 | function getClient (clientId, clientSecret) { |
| 28 | logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').') | 23 | logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').') |
| 29 | 24 | ||
| 30 | // TODO req validator | 25 | return db.OAuthClient.getByIdAndSecret(clientId, clientSecret) |
| 31 | const mongoId = new mongoose.mongo.ObjectID(clientId) | ||
| 32 | return OAuthClient.getByIdAndSecret(mongoId, clientSecret) | ||
| 33 | } | 26 | } |
| 34 | 27 | ||
| 35 | function getRefreshToken (refreshToken) { | 28 | function getRefreshToken (refreshToken) { |
| 36 | logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').') | 29 | logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').') |
| 37 | 30 | ||
| 38 | return OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken) | 31 | return db.OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken) |
| 39 | } | 32 | } |
| 40 | 33 | ||
| 41 | function getUser (username, password) { | 34 | function getUser (username, password) { |
| 42 | logger.debug('Getting User (username: ' + username + ', password: ' + password + ').') | 35 | logger.debug('Getting User (username: ' + username + ', password: ' + password + ').') |
| 43 | 36 | ||
| 44 | return User.getByUsername(username).then(function (user) { | 37 | return db.User.getByUsername(username).then(function (user) { |
| 45 | if (!user) return null | 38 | if (!user) return null |
| 46 | 39 | ||
| 47 | // We need to return a promise | 40 | // We need to return a promise |
| @@ -60,8 +53,8 @@ function getUser (username, password) { | |||
| 60 | } | 53 | } |
| 61 | 54 | ||
| 62 | function revokeToken (token) { | 55 | function revokeToken (token) { |
| 63 | return OAuthToken.getByRefreshTokenAndPopulateUser(token.refreshToken).then(function (tokenDB) { | 56 | return db.OAuthToken.getByRefreshTokenAndPopulateUser(token.refreshToken).then(function (tokenDB) { |
| 64 | if (tokenDB) tokenDB.remove() | 57 | if (tokenDB) tokenDB.destroy() |
| 65 | 58 | ||
| 66 | /* | 59 | /* |
| 67 | * Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js | 60 | * Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js |
| @@ -80,18 +73,19 @@ function revokeToken (token) { | |||
| 80 | function saveToken (token, client, user) { | 73 | function saveToken (token, client, user) { |
| 81 | logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.') | 74 | logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.') |
| 82 | 75 | ||
| 83 | const tokenObj = new OAuthToken({ | 76 | const tokenToCreate = { |
| 84 | accessToken: token.accessToken, | 77 | accessToken: token.accessToken, |
| 85 | accessTokenExpiresAt: token.accessTokenExpiresAt, | 78 | accessTokenExpiresAt: token.accessTokenExpiresAt, |
| 86 | client: client.id, | ||
| 87 | refreshToken: token.refreshToken, | 79 | refreshToken: token.refreshToken, |
| 88 | refreshTokenExpiresAt: token.refreshTokenExpiresAt, | 80 | refreshTokenExpiresAt: token.refreshTokenExpiresAt, |
| 89 | user: user.id | 81 | oAuthClientId: client.id, |
| 90 | }) | 82 | userId: user.id |
| 83 | } | ||
| 91 | 84 | ||
| 92 | return tokenObj.save().then(function (tokenCreated) { | 85 | return db.OAuthToken.create(tokenToCreate).then(function (tokenCreated) { |
| 93 | tokenCreated.client = client | 86 | tokenCreated.client = client |
| 94 | tokenCreated.user = user | 87 | tokenCreated.user = user |
| 88 | |||
| 95 | return tokenCreated | 89 | return tokenCreated |
| 96 | }).catch(function (err) { | 90 | }).catch(function (err) { |
| 97 | throw err | 91 | throw err |