WIP token exchange

2017-12-02 07:25:46 +00:00 · 2017-12-02 07:25:46 +00:00 · 9627e2054e
commit 9627e2054e
parent 03c5974a78
3 changed files with 35 additions and 4 deletions
--- a/accounts.js
+++ b/accounts.js
@ -177,8 +177,8 @@ function create(app) {
      return createOtp(store, params).then(function (code) {
        var emailParams = {
          to:      params.username,
-          from:    'login@daplie.com',
-          replyTo: 'hello@daplie.com',
+          from:    'login@mg.hellabit.com',
+          replyTo: 'hello@mg.hellabit.com',
          subject: "Use " + code.code + " as your Login Code",
          text: "Your login code is:\n\n"
                + code.code
@ -202,6 +202,23 @@ function create(app) {
    app.handlePromise(req, res, promise, '[issuer@oauth3.org] send one-time-password');
  };

+  restful.exchangeToken = function (req, res) {
+    var OAUTH3 = require('./oauth3.js');
+    console.log('[exchangeToken] req.oauth3:');
+    console.log(req.oauth3); // req.oauth3.encodedToken
+
+    console.log('[exchangeToken] OAUTH3.jwk:');
+    console.log(OAUTH3.jwk);
+
+    var promise = OAUTH3.jwk.verifyToken(req.oauth3.encodedToken).then(function (result) {
+      console.log('[exchangeToken] verifyToken result:');
+      console.log(result);
+      return { error: { code: "E_NO_IMPL", message: "not implemented [183]" } };
+    });
+
+    app.handlePromise(req, res, promise, '[issuer@oauth3.org] exchangeToken');
+  };
+
  restful.createToken = function (req, res) {
    var store;
    var promise = req.getSiteStore().then(function (_store) {
--- a/models.js
+++ b/models.js
@ -1,7 +1,7 @@
 'use strict';

 var apiname = 'issuer_oauth3_org';
-var baseFields = [ 'createdAt', 'updatedAt', 'deletedAt' ];
+var baseFields = [ 'createdAt', 'updatedAt', 'deletedAt', 'revokedAt', 'insertedAt' ];

 module.exports = [
  {
@ -15,6 +15,18 @@ module.exports = [
    indices: baseFields.concat([ 'code', 'expires' ]),
  },
  {
+    tablename: apiname + '_credentials',
+    idname: 'id',
+    // credentialId = ppid@iss
+    indices: baseFields.concat([ 'credentialId', 'sub', 'iss', 'typ' ]), // comment, recoveryCredential
+  },
+  {
+    tablename: apiname + '_credentials_profiles',
+    idname: 'id',
+    // credentialId = ppid@iss
+    indices: baseFields.concat([ 'credentialId', 'profileId' ]),
+  },
+  { // TODO rename to profiles
    tablename: apiname + '_accounts',
    idname: 'username',
    indices: baseFields.concat([ 'accountId' ]),
@ -33,5 +45,5 @@ module.exports = [
    tablename: apiname + '_grants',
    idname: 'id',
    indices: baseFields.concat([ 'sub', 'azp', 'azpSub', 'scope' ]),
-  },
+  }
 ];
--- a/rest.js
+++ b/rest.js
@ -48,6 +48,8 @@ module.exports.create = function (bigconf, deps, app) {
  app.post(  '/access_token/:sub/:aud/:azp',    Accounts.restful.createToken);
  app.post(  '/access_token',                   Accounts.restful.createToken);

+  app.post(  '/exchange_token',                 Accounts.restful.exchangeToken);
+
  app.use(   '/acl/profile',                    attachSiteModels);
  app.get(   '/acl/profile',                    Accounts.restful.getProfile);
  app.post(  '/acl/profile',                    Accounts.restful.setProfile);