removed `sub` as strict requirement for saving grants

tigerbot 2017-07-26 15:52:11 -06:00
parent 189a9424cd
commit 95bc9869ad
1 changed files with 14 additions and 1 deletions


@ -1,7 +1,9 @@
'use strict';
var crypto = require('crypto');
var PromiseA = require('bluebird');
var OpErr = PromiseA.OperationalError;
var makeB64UrlSafe = require('./common').makeB64UrlSafe;
function trim(grant) {
@ -39,10 +41,21 @@ function create(app) {
};
restful.saveNew = function (req, res) {
var promise = PromiseA.resolve().then(function () {
var promise = req.Store.get(req.params.sub+'/'+req.params.azp).then(function (existing) {
if (existing) {
if (req.body.sub && req.body.sub !== existing.azpSub) {
throw new OpErr("specified 'sub' does not agree with existing grants");
}
req.body.sub = existing.azpSub;
}
if (!req.body.sub) {
req.body.sub = makeB64UrlSafe(crypto.randomBytes(32).toString('base64'));
}
if (typeof req.body.scope !== 'string' || typeof req.body.sub !== 'string') {
throw new OpErr("malformed request: 'sub' and 'scope' must be strings");
}
return req.Store.find({ azpSub: req.body.sub });
}).then(function (existing) {
if (existing.length) {
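Review bot: The lookup key in `req.Store.get(req.params.sub+'/'+req.params.azp)` joins two request parameters with '/', so if either one can itself contain a '/', two different (sub, azp) pairs resolve to the same key and `req.body.sub = existing.azpSub` would copy the pairwise identifier from a grant that belongs to a different pair. Whether the router or the store already rejects such values is not visible in this hunk, so it should be confirmed; if nothing does, a guard before the lookup such as `if (req.params.sub.indexOf('/') !== -1 || req.params.azp.indexOf('/') !== -1) { throw new OpErr("malformed request"); }` would close the gap. Because the chain now starts at `req.Store.get(...)`, that guard would need to sit inside a `PromiseA.resolve().then(...)` wrapper so the throw still surfaces as a rejection. The body of `saveNew` continues past the end of the hunk, so the handling of `existing.length` was not reviewed.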