diff --git a/index.html b/index.html index d11c053..adea8ac 100644 --- a/index.html +++ b/index.html @@ -187,6 +187,32 @@ +
+
+

JavaScript Framework

+ (yes, real runs-in-a-web-browser - and even on Android - ES5.1) +
+ (no framework) + + + +
+ + + +
+ + 
var OAUTH3 = require('oauth3.org');
+ + 
<script src="/assets/oauth3.org/oauth3.core.js"></script>
+<script src="/assets/oauth3.org/oauth3.crypto.js"></script>
+<script src="/assets/oauth3.org/oauth3.issuer.js"></script>
+<script src="/assets/oauth3.org/oauth3.ng.js"></script>
+
+
+
+


@@ -318,6 +344,7 @@
Credential Meta URL +
(Not implemented... anymore)
(this is the endpoint that reports if the user exists and what their proof-strategy is) @@ -340,7 +367,7 @@ (this is the URL that sends your one-time password via email)
- + 
OAUTH3.authn.otp(directives, { email: "" });
@@ -367,31 +394,73 @@ (it's also a bit of a misnomer, it should be *proof* rather than password)
- ... + + + +
+ + + 
OAUTH3.authn.resourceOwnerPassword(directives, );
+
+ 
 
+
+
+
+ 

+
+
+
+
- -
+


- Login Status: + Session Token +
+ (this is the URL that sends your one-time password via email)
- ... + + + +
-
+ +
+
+
- Current Sessions: + Verify Token +
+ (this is the URL that sends your one-time password via email)
- ... + + + + + 
OAUTH3.authn.verify(directives, token});
+ 
OAUTH3.authn.verify( directives, "" });
+
+ 
 
+
+
+
+ 

+
+
+
+
+ +
Approved Devices: diff --git a/js/playground.js b/js/playground.js index 1fa5a87..9577dc6 100644 --- a/js/playground.js +++ b/js/playground.js @@ -26,6 +26,7 @@ // TODO: how to load more than one version of oauth3 on the page (i.e. a vanilla version without angular entaglement) var vm = this; + vm.framework = 'none'; vm.clientUri = OAUTH3.clientUri(window.location); vm.conf = { debug: undefined, client_id: vm.clientUri, client_uri: vm.clientUri, provider_uri: vm.clientUri }; vm.providerUri = vm.conf.client_uri; @@ -186,6 +187,7 @@ vm.api = {}; vm.api.urls = {}; vm.api.authn = {}; + vm.api.jwt = {}; vm.api.urls.credentialMeta = function () { vm.urls.credentialMeta = OAUTH3.urls.credentialMeta(vm.directives, { email: vm.form.id }); }; @@ -196,12 +198,65 @@ vm.api.urls.otp(); OAUTH3.authn.otp(vm.directives, { email: vm.form.id }).then(function (resp) { vm.responses.otp = resp; + vm.form.otpUuid = resp.data.code_id; + console.log('vm.responses.otp: (' + typeof resp + ')'); + console.log(vm.responses.otp); + + console.log('vm.form.otpUuid:'); + console.log(vm.form.otpUuid); + + vm.api.urls.resourceOwnerPassword(); }); }; vm.api.authn.credentialMeta = function () { vm.api.urls.credentialMeta(); OAUTH3.authn.loginMeta(vm.directives, { email: vm.form.id }); }; + + + vm.api.authn._ropOpts = function () { + //var opts = { email: vm.form.id, uuid: vm.form.otpUuid, code: vm.form.otpCode }; + return vm.api.authn._ropOpts_ = { + client_id: vm.conf.client_uid || undefined + , client_uri: vm.conf.client_uri || undefined + , grant_type: 'password' + , username: vm.form.id || undefined + , password: vm.form.otpCode || undefined + , totp: vm.form.totpToken || undefined + , otp: vm.form.otpCode || "{{otp-code}}" + , password_type: vm.form.otpCode && 'otp' || undefined + , otp_code: vm.form.otpCode || undefined + , otp_id: vm.form.otpUuid || undefined + , otp_uuid: vm.form.otpUuid || undefined + , user_agent: navigator.userAgent || undefined // "AJ's Macbook" for a specific device? + , jwk: vm.form.rememberDevice && opts.jwk || undefined + //, "public_key": opts.rememberDevice && opts.publicKey || undefined + //, "public_key_type": opts.rememberDevice && opts.publicKeyType || undefined // RSA/ECDSA + //, "jwt": opts.jwt // TODO sign a proof with a previously loaded public_key + , debug: vm.form.debug || undefined + }; + }; + vm.api.urls.resourceOwnerPassword = function () { + vm.urls.resourceOwnerPassword = OAUTH3.urls.resourceOwnerPassword(vm.directives, vm.api.authn._ropOpts()); + }; + vm.api.authn.resourceOwnerPassword = function () { + vm.api.urls.resourceOwnerPassword(); + OAUTH3.authn.resourceOwnerPassword(vm.directives, vm.api.authn._ropOpts()).then(function (resp) { + vm.responses.resourceOwnerPassword = { status: 0, data: resp }; + vm.form.accessToken = vm.accessToken = resp.access_token; + vm.form.refreshToken = vm.refreshToken = resp.refresh_token; + vm.ropSession = resp.token; + }); + }; + + + vm.api.jwt.decode = function () { + vm.ropSession = OAUTH3.jwt.decode(vm.form.accessToken || vm.accessToken); + }; + vm.api.jwt.decodeRefresh = function () { + vm.ropSession = OAUTH3.jwt.decode(vm.form.refreshToken || vm.refreshToken); + }; + vm.api.providerUri = function () { console.log('[DEBUG] providerUri:', vm.providerUri); try {