added routes to save and retreive grants

2017-06-28 18:34:20 -06:00 · 2017-06-28 18:34:20 -06:00 · c548b44d19
parent 5b8d77a555
commit c548b44d19
2 changed files with 58 additions and 1 deletions
--- a/models.js
+++ b/models.js
@ -9,5 +9,11 @@ module.exports = [
    idname: 'id',
    unique: ['id'],
    indices: baseFields.concat([ 'kty', 'kid', 'sub' ]),
-  }
+  },
+  {
+    tablename: apiname + '_grants',
+    idname: 'id',
+    unique: ['id'],
+    indices: baseFields.concat([ 'sub', 'azp', 'scope' ]),
+  },
 ];
--- a/rest.js
+++ b/rest.js
@ -5,6 +5,7 @@ var crypto = require('crypto');

 module.exports.create = function (bigconf, deps, app) {
  var Jwks = { restful: {} };
+  var Grants = { restful: {} };

  // This tablename is based on the tablename found in the objects in model.js.
  // Instead of the snake_case the name with be UpperCammelCase, converted by masterquest-sqlite3.
@ -98,9 +99,59 @@ module.exports.create = function (bigconf, deps, app) {
    app.handlePromise(req, res, promise, "[issuer@oauth3.org] create JWK");
  };

+  Grants.restful.get = function (req, res) {
+    var query = {
+      sub: req.params.sub || req.query.sub,
+      azp: req.params.azp || req.query.azp,
+    };
+    var promise = req.Store.find(query, function (results) {
+      if (!results.length) {
+        throw new Error('no grants found');
+      }
+      return {
+        sub: results[0].sub,
+        azp: results[0].azp,
+        scope: results[0].scope,
+      };
+    });
+
+    app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");
+  };
+  Grants.restful.saveNew = function (req, res) {
+    var query = {
+      sub: req.params.sub,
+      azp: req.params.azp,
+    };
+    var promise = PromiseA.resolve().then(function () {
+      if (typeof req.body.scope !== 'string') {
+        throw new Error("malformed request: 'scope' should be a string");
+      }
+    }).then(function () {
+      return req.Store.find(query, function (results) {
+        if (!results.length) {
+          return crypto.randomBytes(32).toString('hex');
+        } else {
+          return results[0].id;
+        }
+      });
+    }).then(function (id) {
+      query.scope = req.body.scope.replace(/ *, */g, ',');
+      return req.Store.upsert(id, query);
+    }).then(function () {
+      return {success: true};
+    });
+
+    app.handlePromise(req, res, promise, '[issuer@oauth3.org] save grants');
+  };
+
  app.use(   '/jwks', attachSiteStore.bind(null, 'IssuerOauth3OrgJwks'));
  app.get(   '/jwks/:kid.json', Jwks.restful.get);
  app.post(  '/jwks/:sub', Jwks.restful.saveNew);

+  app.use(   '/grants', attachSiteStore.bind(null, 'IssuerOauth3OrgGrants'));
+  app.get(   '/grants', Grants.restful.check);
+  app.get(   '/grants/:sub/:azp', Grants.restful.check);
+  app.post(  '/grants/:sub/:azp', Grants.restful.saveNew);
+
  app.use(detachSiteStore);
 };