.meta -> .token

AJ ONeal 2017-02-13 12:46:12 -05:00
parent dc67f63856
commit 1425d02f65
4 changed files with 17 additions and 12 deletions


@ -175,10 +175,10 @@
, signature: parts[2] // should remain url-safe base64
};
}
, getFreshness: function (meta, staletime, now) {
, getFreshness: function (tokenMeta, staletime, now) {
staletime = staletime || (15 * 60);
now = now || Date.now();
var fresh = ((parseInt(meta.exp, 10) || 0) - Math.round(now / 1000));
var fresh = ((parseInt(tokenMeta.exp, 10) || 0) - Math.round(now / 1000));
if (fresh >= staletime) {
return 'fresh';


@ -158,7 +158,7 @@
var url = core.urls.resolve(directive.issuer, directive.grants.url)
.replace(/(:azp|:client_id)/g, core.normalizeUri(opts.client_id || opts.client_uri))
.replace(/(:sub|:account_id)/g, opts.session.meta.sub)
.replace(/(:sub|:account_id)/g, opts.session.token.sub)
;
var data = {
client_id: opts.client_id
@ -206,12 +206,14 @@
//$('.js-user-avatar').attr('src', userAvatar);
/*
console.log('grants options');
console.log(loc.hash);
console.log(loc.search);
console.log(clientObj);
console.log(session.meta);
console.log(session.token);
console.log(window.document.referrer);
*/
return OAUTH3.requests.grants(CONFIG.host, {
method: 'GET'
@ -256,7 +258,7 @@
//return generateToken(session, clientObj);
}
grants = grantResults.originalData.grants.filter(function (grant) {
grants = (grantResults.originalData||grantResults.data).grants.filter(function (grant) {
if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) {
return true;
}
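Review bot: `opts.session.token.sub` is substituted into the grants URL template as-is in the first hunk of this file, so a `sub` containing `/`, `?`, `#` or a `$&`-style replacement pattern would change the path or query of the request that is then sent. The claim comes from a decoded token payload and nothing visible here validates it, so encoding at the point of use is the safer default: `.replace(/(:sub|:account_id)/g, function () { return encodeURIComponent(opts.session.token.sub); })`. The same applies to the `:azp`/`:client_id` substitution on the line above unless `core.normalizeUri` already guarantees a path-safe value. In the last hunk, `(grantResults.originalData||grantResults.data).grants` still throws when neither property is set; the enclosing functions start and end outside the hunks.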


@ -51,7 +51,7 @@
console.warn('[oauth3.hooks.checkSession] no session');
return oauth3.PromiseA.resolve(null);
}
var freshness = oauth3.core.jwt.getFreshness(preq.session.meta, opts.staletime);
var freshness = oauth3.core.jwt.getFreshness(preq.session.token, opts.staletime);
console.info('[oauth3.hooks.checkSession] freshness', freshness, preq.session);
switch (freshness) {
@ -118,11 +118,11 @@
oldSession.client_uri = clientUri; // azp
// info about the newly-discovered token
oldSession.meta = core.jwt.decode(oldSession.access_token).payload;
oldSession.token = oldSession.meta = core.jwt.decode(oldSession.access_token).payload;
oldSession.meta.sub = oldSession.meta.sub || oldSession.meta.acx.id;
oldSession.meta.client_uri = clientUri;
oldSession.meta.provider_uri = providerUri;
oldSession.token.sub = oldSession.token.sub || oldSession.token.acx.id;
oldSession.token.client_uri = clientUri;
oldSession.token.provider_uri = providerUri;
if (oldSession.refresh_token || oldSession.refreshToken) {
oldSession.refresh = core.jwt.decode(oldSession.refresh_token || oldSession.refreshToken).payload;
@ -200,7 +200,7 @@
function lintAndRequest(preq) {
function goGetHer() {
if (preq.session) {
// TODO check session.meta.aud against preq.url to make sure they match
// TODO check session.token.aud against preq.url to make sure they match
console.warn("[security] session audience checking has not been implemented yet (it's up to you to check)");
preq.headers = preq.headers || {};
preq.headers.Authorization = 'Bearer ' + (preq.session.access_token || preq.session.accessToken);
@ -285,7 +285,7 @@
return {
client: oauth3.hooks.getGrants(opts.client_id + '-client')
, grants: oauth3.hooks.getGrants(opts.client_id)
, grants: oauth3.hooks.getGrants(opts.client_id) || []
};
});
});
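Review bot: The `console.info` in the checkSession hunk prints the whole `preq.session`, and the lintAndRequest hunk shows that object carrying `access_token` (and, in the decoding hunk, a session may also hold `refresh_token`), so bearer credentials end up in the browser console and in anything that captures it. Logging only the non-secret part keeps the diagnostic, e.g. `console.info('[oauth3.hooks.checkSession] freshness', freshness, preq.session.token.exp);`. Separately, in the token-decoding hunk `oldSession.token.sub || oldSession.token.acx.id` throws a TypeError when a payload has neither `sub` nor `acx`; `(oldSession.token.acx || {}).id` would avoid that. The enclosing functions start and end outside the hunks.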


@ -47,6 +47,9 @@
return;
}
console.warn("What are grants? Baby don't hurt me. Don't hurt me. No more.");
console.warn(grants);
myGrants = grants.grants.filter(function (grant) {
if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) {
return true;