issuer.rest.walnut.js/grants.js

'use strict';

var PromiseA = require('bluebird');
var OpErr = PromiseA.OperationalError;


function trim(grant) {
  return {
    sub:   grant.sub,
    azp:   grant.azp,
    // azpSub: grant.azpSub,
    scope: grant.scope,
    updatedAt: parseInt(grant.updatedAt, 10),
  };
}

function create(app) {
  var restful;

  restful.getOne = function (req, res) {
    var promise = req.Store.get(req.params.sub+'/'+req.params.azp).then(function (grant) {
      if (!grant) {
        throw new OpErr('no grants found');
      }
      return trim(grant);
    });

    app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");
  };

  restful.getAll = function (req, res) {
    var promise = req.Store.find({ sub: req.params.sub }).then(function (results) {
      return results.map(trim).sort(function (grantA, grantB) {
        return (grantA.azp < grantB.azp) ? -1 : 1;
      });
    });

    app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");
  };

  restful.saveNew = function (req, res) {
    var promise = PromiseA.resolve().then(function () {
      if (typeof req.body.scope !== 'string' || typeof req.body.sub !== 'string') {
        throw new OpErr("malformed request: 'sub' and 'scope' must be strings");
      }
      return req.Store.find({ azpSub: req.body.sub });
    }).then(function (existing) {
      if (existing.length) {
        if (existing.length > 1) {
          throw new OpErr("pre-existing PPID collision detected");
        } else if (existing[0].sub !== req.params.sub || existing[0].azp !== req.params.azp) {
          throw new OpErr("PPID collision detected, cannot save authorized party's sub");
        }
      }

      var grant = {
        sub:    req.params.sub,
        azp:    req.params.azp,
        azpSub: req.body.sub,
        scope:  req.body.scope.split(/[+ ,]+/g).join(','),
      };
      return req.Store.upsert(grant.sub+'/'+grant.azp, grant);
    }).then(function () {
      return {success: true};
    });

    app.handlePromise(req, res, promise, '[issuer@oauth3.org] save grants');
  };

  return {
    trim:    trim,
    restful: restful,
  };
}

module.exports.create = create;
separated the code into different files 2017-07-24 23:10:41 +00:00			`'use strict';`

			`var PromiseA = require('bluebird');`
			`var OpErr = PromiseA.OperationalError;`


			`function trim(grant) {`
			`return {`
			`sub: grant.sub,`
			`azp: grant.azp,`
			`// azpSub: grant.azpSub,`
			`scope: grant.scope,`
			`updatedAt: parseInt(grant.updatedAt, 10),`
			`};`
			`}`

			`function create(app) {`
			`var restful;`

			`restful.getOne = function (req, res) {`
			`var promise = req.Store.get(req.params.sub+'/'+req.params.azp).then(function (grant) {`
			`if (!grant) {`
			`throw new OpErr('no grants found');`
			`}`
			`return trim(grant);`
			`});`

			`app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");`
			`};`

			`restful.getAll = function (req, res) {`
			`var promise = req.Store.find({ sub: req.params.sub }).then(function (results) {`
			`return results.map(trim).sort(function (grantA, grantB) {`
			`return (grantA.azp < grantB.azp) ? -1 : 1;`
			`});`
			`});`

			`app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");`
			`};`

			`restful.saveNew = function (req, res) {`
			`var promise = PromiseA.resolve().then(function () {`
			`if (typeof req.body.scope !== 'string' \|\| typeof req.body.sub !== 'string') {`
			`throw new OpErr("malformed request: 'sub' and 'scope' must be strings");`
			`}`
			`return req.Store.find({ azpSub: req.body.sub });`
			`}).then(function (existing) {`
			`if (existing.length) {`
			`if (existing.length > 1) {`
			`throw new OpErr("pre-existing PPID collision detected");`
			`} else if (existing[0].sub !== req.params.sub \|\| existing[0].azp !== req.params.azp) {`
			`throw new OpErr("PPID collision detected, cannot save authorized party's sub");`
			`}`
			`}`

			`var grant = {`
			`sub: req.params.sub,`
			`azp: req.params.azp,`
			`azpSub: req.body.sub,`
			`scope: req.body.scope.split(/[+ ,]+/g).join(','),`
			`};`
			`return req.Store.upsert(grant.sub+'/'+grant.azp, grant);`
			`}).then(function () {`
			`return {success: true};`
			`});`

			`app.handlePromise(req, res, promise, '[issuer@oauth3.org] save grants');`
			`};`

			`return {`
			`trim: trim,`
			`restful: restful,`
			`};`
			`}`

			`module.exports.create = create;`