From 2f372a865487427ff97ad17edd0e6adfbb478c80 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Wed, 20 Jul 2016 16:23:58 +0200 Subject: Server: implement refresh token --- server/lib/oauth-model.js | 32 +++++++++++++++++++++++++------- 1 file changed, 25 insertions(+), 7 deletions(-) (limited to 'server/lib') diff --git a/server/lib/oauth-model.js b/server/lib/oauth-model.js index f4fd9805a..555a54e90 100644 --- a/server/lib/oauth-model.js +++ b/server/lib/oauth-model.js @@ -12,6 +12,7 @@ const OAuthModel = { getClient: getClient, getRefreshToken: getRefreshToken, getUser: getUser, + revokeToken: revokeToken, saveToken: saveToken } @@ -20,7 +21,7 @@ const OAuthModel = { function getAccessToken (bearerToken) { logger.debug('Getting access token (bearerToken: ' + bearerToken + ').') - return OAuthToken.loadByTokenAndPopulateUser(bearerToken) + return OAuthToken.getByTokenAndPopulateUser(bearerToken) } function getClient (clientId, clientSecret) { @@ -28,19 +29,36 @@ function getClient (clientId, clientSecret) { // TODO req validator const mongoId = new mongoose.mongo.ObjectID(clientId) - return OAuthClient.loadByIdAndSecret(mongoId, clientSecret) + return OAuthClient.getByIdAndSecret(mongoId, clientSecret) } -function getRefreshToken (refreshToken) { +function getRefreshToken (refreshToken, callback) { logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').') - return OAuthToken.loadByRefreshToken(refreshToken) + return OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken) } function getUser (username, password) { logger.debug('Getting User (username: ' + username + ', password: ' + password + ').') - return User.loadByUsernameAndPassword(username, password) + return User.getByUsernameAndPassword(username, password) +} + +function revokeToken (token) { + return OAuthToken.getByRefreshToken(token.refreshToken).then(function (tokenDB) { + if (tokenDB) tokenDB.remove() + + /* + * Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js + * "As per the discussion we need set older date + * revokeToken will expected return a boolean in future version + * https://github.com/oauthjs/node-oauth2-server/pull/274 + * https://github.com/oauthjs/node-oauth2-server/issues/290" + */ + const expiredToken = tokenDB + expiredToken.refreshTokenExpiresAt = new Date('2015-05-28T06:59:53.000Z') + return expiredToken + }) } function saveToken (token, client, user) { @@ -48,10 +66,10 @@ function saveToken (token, client, user) { const tokenObj = new OAuthToken({ accessToken: token.accessToken, - accessTokenExpiresOn: token.accessTokenExpiresOn, + accessTokenExpiresAt: token.accessTokenExpiresAt, client: client.id, refreshToken: token.refreshToken, - refreshTokenExpiresOn: token.refreshTokenExpiresOn, + refreshTokenExpiresAt: token.refreshTokenExpiresAt, user: user.id }) -- cgit v1.2.3