From 1425d02f654a283b22ca5ededc213c725862f65d Mon Sep 17 00:00:00 2001 From: AJ ONeal Date: Mon, 13 Feb 2017 12:46:12 -0500 Subject: [PATCH] .meta -> .token --- oauth3.core.js | 4 ++-- oauth3.core.provider.js | 8 +++++--- oauth3.js | 14 +++++++------- oauth3.provider.js | 3 +++ 4 files changed, 17 insertions(+), 12 deletions(-) diff --git a/oauth3.core.js b/oauth3.core.js index 0c2b426..a280465 100644 --- a/oauth3.core.js +++ b/oauth3.core.js @@ -175,10 +175,10 @@ , signature: parts[2] // should remain url-safe base64 }; } - , getFreshness: function (meta, staletime, now) { + , getFreshness: function (tokenMeta, staletime, now) { staletime = staletime || (15 * 60); now = now || Date.now(); - var fresh = ((parseInt(meta.exp, 10) || 0) - Math.round(now / 1000)); + var fresh = ((parseInt(tokenMeta.exp, 10) || 0) - Math.round(now / 1000)); if (fresh >= staletime) { return 'fresh'; diff --git a/oauth3.core.provider.js b/oauth3.core.provider.js index 6f657f8..86ddfeb 100644 --- a/oauth3.core.provider.js +++ b/oauth3.core.provider.js @@ -158,7 +158,7 @@ var url = core.urls.resolve(directive.issuer, directive.grants.url) .replace(/(:azp|:client_id)/g, core.normalizeUri(opts.client_id || opts.client_uri)) - .replace(/(:sub|:account_id)/g, opts.session.meta.sub) + .replace(/(:sub|:account_id)/g, opts.session.token.sub) ; var data = { client_id: opts.client_id @@ -206,12 +206,14 @@ //$('.js-user-avatar').attr('src', userAvatar); + /* console.log('grants options'); console.log(loc.hash); console.log(loc.search); console.log(clientObj); - console.log(session.meta); + console.log(session.token); console.log(window.document.referrer); + */ return OAUTH3.requests.grants(CONFIG.host, { method: 'GET' 
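Review bot: `opts.session.token.sub` in the `:sub|:account_id` substitution (oauth3.core.provider.js, hunk at -158) throws a TypeError for any session object that still carries only `.meta`, because the alias is set in a single place (`oldSession.token = oldSession.meta = …` in oauth3.js). Whether sessions created or stored before this rename can reach this code is not visible here, so a fallback such as `var tokenMeta = opts.session.token || opts.session.meta;` would make the rename safe; the same applies to `preq.session.token` passed to `getFreshness` in oauth3.js. The value is also placed into the URL path unencoded and as a replacement string, so a replacer function, `.replace(/(:sub|:account_id)/g, function () { return encodeURIComponent(tokenMeta.sub); })`, would keep a `sub` containing `/`, `?` or `$` from altering the request. The enclosing function starts and ends outside the hunk.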
@@ -256,7 +258,7 @@ //return generateToken(session, clientObj); } - grants = grantResults.originalData.grants.filter(function (grant) { + grants = (grantResults.originalData||grantResults.data).grants.filter(function (grant) { if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) { return true; } diff --git a/oauth3.js b/oauth3.js index 388f914..972095c 100644 --- a/oauth3.js +++ b/oauth3.js @@ -51,7 +51,7 @@ console.warn('[oauth3.hooks.checkSession] no session'); return oauth3.PromiseA.resolve(null); } - var freshness = oauth3.core.jwt.getFreshness(preq.session.meta, opts.staletime); + var freshness = oauth3.core.jwt.getFreshness(preq.session.token, opts.staletime); console.info('[oauth3.hooks.checkSession] freshness', freshness, preq.session); switch (freshness) { @@ -118,11 +118,11 @@ oldSession.client_uri = clientUri; // azp // info about the newly-discovered token - oldSession.meta = core.jwt.decode(oldSession.access_token).payload; + oldSession.token = oldSession.meta = core.jwt.decode(oldSession.access_token).payload; - oldSession.meta.sub = oldSession.meta.sub || oldSession.meta.acx.id; - oldSession.meta.client_uri = clientUri; - oldSession.meta.provider_uri = providerUri; + oldSession.token.sub = oldSession.token.sub || oldSession.token.acx.id; + oldSession.token.client_uri = clientUri; + oldSession.token.provider_uri = providerUri; if (oldSession.refresh_token || oldSession.refreshToken) { oldSession.refresh = core.jwt.decode(oldSession.refresh_token || oldSession.refreshToken).payload; 
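Review bot: `(grantResults.originalData||grantResults.data).grants.filter(...)` (oauth3.core.provider.js, hunk at -256) still throws when neither property is present or when the response carries no `grants` array, so an error response surfaces as a TypeError instead of an empty result. An empty list is the conservative default because it matches no client: `var grantData = grantResults.originalData || grantResults.data || {};` followed by `grants = (grantData.grants || []).filter(...)`. A one-line comment saying which response shape supplies `originalData` and which supplies `data` would help, since the hunk does not show it. The enclosing callback continues outside the hunk.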
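Review bot: The context line `console.info('[oauth3.hooks.checkSession] freshness', freshness, preq.session);` (oauth3.js, hunk at -51) writes the whole session object to the console, and other hunks of this commit show that object holding `access_token` and, when present, `refresh_token`. Anything that collects console output then holds usable bearer credentials. Log only non-secret fields, for example `console.info('[oauth3.hooks.checkSession] freshness', freshness);`. The enclosing hook starts and ends outside the hunk.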
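Review bot: `oldSession.token.sub = oldSession.token.sub || oldSession.token.acx.id;` (oauth3.js, hunk at -118) throws when the payload has neither `sub` nor `acx`, so a token missing both fails with a TypeError rather than a clear error; `(oldSession.token.acx || {}).id` followed by an explicit check that `sub` ended up set would fail in a controlled way. The payload comes from `core.jwt.decode`, and nothing in the hunk shows a signature check, so `sub`, `client_uri` and `provider_uri` are presumably unverified hints on the client side, which is worth stating in a comment. The chained assignment also deserves a comment such as `// .meta is a deprecated alias of .token (same object reference)`, so that later code does not assume the two stay in sync after the session is copied or serialized.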
@@ -200,7 +200,7 @@ function lintAndRequest(preq) { function goGetHer() { if (preq.session) { - // TODO check session.meta.aud against preq.url to make sure they match + // TODO check session.token.aud against preq.url to make sure they match console.warn("[security] session audience checking has not been implemented yet (it's up to you to check)"); preq.headers = preq.headers || {}; preq.headers.Authorization = 'Bearer ' + (preq.session.access_token || preq.session.accessToken); @@ -285,7 +285,7 @@ return { client: oauth3.hooks.getGrants(opts.client_id + '-client') - , grants: oauth3.hooks.getGrants(opts.client_id) + , grants: oauth3.hooks.getGrants(opts.client_id) || [] }; }); }); diff --git a/oauth3.provider.js b/oauth3.provider.js index 4af4083..dbaf8ea 100644 --- a/oauth3.provider.js +++ b/oauth3.provider.js @@ -47,6 +47,9 @@ return; } + console.warn("What are grants? Baby don't hurt me. Don't hurt me. No more."); + console.warn(grants); + myGrants = grants.grants.filter(function (grant) { if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) { return true;
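Review bot: The bearer token is still attached to whatever `preq.url` is (oauth3.js, hunk at -200): the change only renames the field in the TODO, and `preq.headers.Authorization = 'Bearer ' + …` runs without any audience or origin comparison, as the `console.warn` itself says. Until that check exists, a request issued with a session to an unintended host discloses the access token to that host. A minimal guard before setting the header would compare the origin of `preq.url` with `preq.session.token.aud` (or with the `provider_uri` stored on the token in the session-building code) and reject on mismatch; the exact format of `aud` is not visible here. `goGetHer` continues outside the hunk.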
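Review bot: The `|| []` fallback on `grants` (oauth3.js, hunk at -285) only helps if `oauth3.hooks.getGrants` returns its value synchronously and the consumer expects a bare array; if it returns a promise the fallback never applies, because a promise is always truthy, and neither fact is visible in this hunk. The consumers touched by this commit read a `.grants` property (`grants.grants.filter(...)` in oauth3.provider.js), so if this is the value they receive, `{ grants: [] }` would be the matching default. The `client` entry on the line above has no fallback, which is worth a comment explaining why only one of the two defaults.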
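Review bot: The two added `console.warn` calls (oauth3.provider.js, hunk at -47) are debugging output: the first is a joke string and the second dumps the full `grants` object, which describes what the user has authorized for which client, into the console. Remove them before merging, or log only a count behind a debug flag. The uncertainty they express is real, though: `grants.grants.filter(...)` on the following line throws if `grants` is undefined or has no `grants` array, so a guard such as `myGrants = ((grants && grants.grants) || []).filter(...)` belongs here. The enclosing callback starts and ends outside the hunk.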