.meta -> .token

AJ ONeal 2017-02-13 12:46:12 -05:00
parent dc67f63856
commit 1425d02f65
4 changed files with 17 additions and 12 deletions


@ -175,10 +175,10 @@
, signature: parts[2] // should remain url-safe base64 , signature: parts[2] // should remain url-safe base64
}; };
} }
, getFreshness: function (meta, staletime, now) { , getFreshness: function (tokenMeta, staletime, now) {
staletime = staletime || (15 * 60); staletime = staletime || (15 * 60);
now = now || Date.now(); now = now || Date.now();
var fresh = ((parseInt(meta.exp, 10) || 0) - Math.round(now / 1000)); var fresh = ((parseInt(tokenMeta.exp, 10) || 0) - Math.round(now / 1000));
if (fresh >= staletime) { if (fresh >= staletime) {
return 'fresh'; return 'fresh';


@ -158,7 +158,7 @@
var url = core.urls.resolve(directive.issuer, directive.grants.url) var url = core.urls.resolve(directive.issuer, directive.grants.url)
.replace(/(:azp|:client_id)/g, core.normalizeUri(opts.client_id || opts.client_uri)) .replace(/(:azp|:client_id)/g, core.normalizeUri(opts.client_id || opts.client_uri))
.replace(/(:sub|:account_id)/g, opts.session.meta.sub) .replace(/(:sub|:account_id)/g, opts.session.token.sub)
; ;
var data = { var data = {
client_id: opts.client_id client_id: opts.client_id
@ -206,12 +206,14 @@
//$('.js-user-avatar').attr('src', userAvatar); //$('.js-user-avatar').attr('src', userAvatar);
/*
console.log('grants options'); console.log('grants options');
console.log(loc.hash); console.log(loc.hash);
console.log(loc.search); console.log(loc.search);
console.log(clientObj); console.log(clientObj);
console.log(session.meta); console.log(session.token);
console.log(window.document.referrer); console.log(window.document.referrer);
*/
return OAUTH3.requests.grants(CONFIG.host, { return OAUTH3.requests.grants(CONFIG.host, {
method: 'GET' method: 'GET'
@ -256,7 +258,7 @@
//return generateToken(session, clientObj); //return generateToken(session, clientObj);
} }
grants = grantResults.originalData.grants.filter(function (grant) { grants = (grantResults.originalData||grantResults.data).grants.filter(function (grant) {
if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) { if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) {
return true; return true;
} }
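Review bot: `opts.session.token.sub` is substituted into the grants URL as-is in the `.replace(/(:sub|:account_id)/g, …)` call of the first hunk, so a subject containing `/`, `?`, `#` or a `$&`-style replacement pattern would change the request path. The value comes from a token payload, and nothing in the visible lines validates it before this point. I would encode it and pass it through a replacer function: `.replace(/(:sub|:account_id)/g, function () { return encodeURIComponent(opts.session.token.sub); })`. The enclosing function starts and ends outside the hunk.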


@ -51,7 +51,7 @@
console.warn('[oauth3.hooks.checkSession] no session'); console.warn('[oauth3.hooks.checkSession] no session');
return oauth3.PromiseA.resolve(null); return oauth3.PromiseA.resolve(null);
} }
var freshness = oauth3.core.jwt.getFreshness(preq.session.meta, opts.staletime); var freshness = oauth3.core.jwt.getFreshness(preq.session.token, opts.staletime);
console.info('[oauth3.hooks.checkSession] freshness', freshness, preq.session); console.info('[oauth3.hooks.checkSession] freshness', freshness, preq.session);
switch (freshness) { switch (freshness) {
@ -118,11 +118,11 @@
oldSession.client_uri = clientUri; // azp oldSession.client_uri = clientUri; // azp
// info about the newly-discovered token // info about the newly-discovered token
oldSession.meta = core.jwt.decode(oldSession.access_token).payload; oldSession.token = oldSession.meta = core.jwt.decode(oldSession.access_token).payload;
oldSession.meta.sub = oldSession.meta.sub || oldSession.meta.acx.id; oldSession.token.sub = oldSession.token.sub || oldSession.token.acx.id;
oldSession.meta.client_uri = clientUri; oldSession.token.client_uri = clientUri;
oldSession.meta.provider_uri = providerUri; oldSession.token.provider_uri = providerUri;
if (oldSession.refresh_token || oldSession.refreshToken) { if (oldSession.refresh_token || oldSession.refreshToken) {
oldSession.refresh = core.jwt.decode(oldSession.refresh_token || oldSession.refreshToken).payload; oldSession.refresh = core.jwt.decode(oldSession.refresh_token || oldSession.refreshToken).payload;
@ -200,7 +200,7 @@
function lintAndRequest(preq) { function lintAndRequest(preq) {
function goGetHer() { function goGetHer() {
if (preq.session) { if (preq.session) {
// TODO check session.meta.aud against preq.url to make sure they match // TODO check session.token.aud against preq.url to make sure they match
console.warn("[security] session audience checking has not been implemented yet (it's up to you to check)"); console.warn("[security] session audience checking has not been implemented yet (it's up to you to check)");
preq.headers = preq.headers || {}; preq.headers = preq.headers || {};
preq.headers.Authorization = 'Bearer ' + (preq.session.access_token || preq.session.accessToken); preq.headers.Authorization = 'Bearer ' + (preq.session.access_token || preq.session.accessToken);
@ -285,7 +285,7 @@
return { return {
client: oauth3.hooks.getGrants(opts.client_id + '-client') client: oauth3.hooks.getGrants(opts.client_id + '-client')
, grants: oauth3.hooks.getGrants(opts.client_id) , grants: oauth3.hooks.getGrants(opts.client_id) || []
}; };
}); });
}); });
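Review bot: The `console.info('[oauth3.hooks.checkSession] freshness', freshness, preq.session)` call in the first hunk writes the whole session object to the console, and the third hunk shows that object carries `access_token`, which is sent as the Bearer credential there. Log only what the message needs, e.g. `console.info('[oauth3.hooks.checkSession] freshness', freshness);`. The two `console.warn` lines added in the last file of this commit, one of which dumps `grants`, are the same kind of leftover debug output and are better removed or put behind a debug flag. The enclosing functions continue outside these hunks.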


@ -47,6 +47,9 @@
return; return;
} }
console.warn("What are grants? Baby don't hurt me. Don't hurt me. No more.");
console.warn(grants);
myGrants = grants.grants.filter(function (grant) { myGrants = grants.grants.filter(function (grant) {
if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) { if (clientUri === (grant.azp || grant.oauth_client_id || grant.oauthClientId)) {
return true; return true;