From c548b44d192f091739db2f7b22c9942a025c2527 Mon Sep 17 00:00:00 2001
From: tigerbot
Date: Wed, 28 Jun 2017 18:34:20 -0600
Subject: [PATCH] added routes to save and retreive grants
---
 models.js | 8 +++++++-
 rest.js | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 58 insertions(+), 1 deletion(-)
diff --git a/models.js b/models.js
index f07fe96..9eba768 100644
--- a/models.js
+++ b/models.js
@@ -9,5 +9,11 @@ module.exports = [
 idname: 'id',
 unique: ['id'],
 indices: baseFields.concat([ 'kty', 'kid', 'sub' ]),
- }
+ },
+ {
+ tablename: apiname + '_grants',
+ idname: 'id',
+ unique: ['id'],
+ indices: baseFields.concat([ 'sub', 'azp', 'scope' ]),
+ },
 ];
diff --git a/rest.js b/rest.js
index da4b57e..d307ee5 100644
--- a/rest.js
+++ b/rest.js
@@ -5,6 +5,7 @@ var crypto = require('crypto');
 module.exports.create = function (bigconf, deps, app) {
 var Jwks = { restful: {} };
+ var Grants = { restful: {} };
 // This tablename is based on the tablename found in the objects in model.js.
 // Instead of the snake_case the name with be UpperCammelCase, converted by masterquest-sqlite3.
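Review bot: In models.js the new `_grants` table declares only `unique: ['id']`, so nothing in the schema keeps a single row per (`sub`, `azp`) pair, while `Grants.restful.saveNew` in rest.js does a `find` followed by an `upsert` under a freshly generated random id. Two concurrent POSTs for a new pair can each see no existing row and insert separate rows, after which `Grants.restful.get` returns `results[0]` and may keep serving a scope the user has since narrowed. Either make the pair unique, if the schema layer supports a composite constraint, or derive `id` deterministically from `sub` and `azp` so both writers target the same row.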
@@ -98,9 +99,59 @@ module.exports.create = function (bigconf, deps, app) {
 app.handlePromise(req, res, promise, "[issuer@oauth3.org] create JWK");
 };
+ Grants.restful.get = function (req, res) {
+ var query = {
+ sub: req.params.sub || req.query.sub,
+ azp: req.params.azp || req.query.azp,
+ };
+ var promise = req.Store.find(query, function (results) {
+ if (!results.length) {
+ throw new Error('no grants found');
+ }
+ return {
+ sub: results[0].sub,
+ azp: results[0].azp,
+ scope: results[0].scope,
+ };
+ });
+
+ app.handlePromise(req, res, promise, "[issuer@oauth3.org] retrieve grants");
+ };
+ Grants.restful.saveNew = function (req, res) {
+ var query = {
+ sub: req.params.sub,
+ azp: req.params.azp,
+ };
+ var promise = PromiseA.resolve().then(function () {
+ if (typeof req.body.scope !== 'string') {
+ throw new Error("malformed request: 'scope' should be a string");
+ }
+ }).then(function () {
+ return req.Store.find(query, function (results) {
+ if (!results.length) {
+ return crypto.randomBytes(32).toString('hex');
+ } else {
+ return results[0].id;
+ }
+ });
+ }).then(function (id) {
+ query.scope = req.body.scope.replace(/ *, */g, ',');
+ return req.Store.upsert(id, query);
+ }).then(function () {
+ return {success: true};
+ });
+
+ app.handlePromise(req, res, promise, '[issuer@oauth3.org] save grants');
+ };
+
 app.use( '/jwks', attachSiteStore.bind(null, 'IssuerOauth3OrgJwks'));
 app.get( '/jwks/:kid.json', Jwks.restful.get);
 app.post( '/jwks/:sub', Jwks.restful.saveNew);
+ app.use( '/grants', attachSiteStore.bind(null, 'IssuerOauth3OrgGrants'));
+ app.get( '/grants', Grants.restful.check);
+ app.get( '/grants/:sub/:azp', Grants.restful.check);
+ app.post( '/grants/:sub/:azp', Grants.restful.saveNew);
+
 app.use(detachSiteStore);
 };
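Review bot: Both new GET routes register `Grants.restful.check`, which this patch never defines (only `get` and `saveNew` are assigned on the new `Grants.restful` object), so the router is handed `undefined`; they should read `app.get('/grants/:sub/:azp', Grants.restful.get);` and likewise for `/grants`. No check visible in either handler ties `:sub` to the authenticated caller. Unless `attachSiteStore` or middleware earlier in `module.exports.create` (which starts above the hunk) enforces that, anyone who can reach `POST /grants/:sub/:azp` can record scopes for another subject, so the handlers should compare the verified token subject with `req.params.sub` before reading or writing. `Grants.restful.get` also accepts `sub` and `azp` from the query string, and on the bare `/grants` route can call `find` with both undefined, which may return an unrelated user's row as `results[0]` depending on how the store treats undefined fields; it should reject the request when either value is missing.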