create account if none exists

This commit is contained in:
AJ ONeal 2017-02-15 20:09:31 -05:00
parent 84612050c7
commit 23d65ec4da
1 changed files with 18 additions and 5 deletions

View File

@ -108,6 +108,8 @@
console.info('[oauth3.hooks.refreshSession] oldSession', JSON.parse(JSON.stringify(oldSession))); console.info('[oauth3.hooks.refreshSession] oldSession', JSON.parse(JSON.stringify(oldSession)));
console.info('[oauth3.hooks.refreshSession] newSession', newSession); console.info('[oauth3.hooks.refreshSession] newSession', newSession);
// shim for account create which does not return new refresh_token
newSession.refresh_token = newSession.refresh_token || oldSession.refresh_token;
Object.keys(oldSession).forEach(function (key) { Object.keys(oldSession).forEach(function (key) {
oldSession[key] = undefined; oldSession[key] = undefined;
}); });
@ -122,13 +124,24 @@
// info about the newly-discovered token // info about the newly-discovered token
oldSession.token = oldSession.meta = core.jwt.decode(oldSession.access_token).payload; oldSession.token = oldSession.meta = core.jwt.decode(oldSession.access_token).payload;
oldSession.token.sub = oldSession.token.sub || oldSession.token.acx.id; oldSession.token.sub = oldSession.token.sub
|| (oldSession.token.acx && oldSession.token.acx.id)
|| (oldSession.token.axs && oldSession.token.axs.length && oldSession.token.axs[0].appScopedId)
;
oldSession.token.client_uri = clientUri; oldSession.token.client_uri = clientUri;
oldSession.token.provider_uri = providerUri; oldSession.token.provider_uri = providerUri;
if (oldSession.refresh_token || oldSession.refreshToken) { if (!oldSession.token.sub) {
oldSession.refresh = core.jwt.decode(oldSession.refresh_token || oldSession.refreshToken).payload; // TODO this is broken hard
oldSession.refresh.sub = oldSession.refresh.sub || oldSession.refresh.acx.id; console.warn('TODO implementation for OAUTH3.hooks.accounts.create (GUI, CLI, or API)');
}
if (oldSession.refresh_token) {
oldSession.refresh = core.jwt.decode(oldSession.refresh_token).payload;
oldSession.refresh.sub = oldSession.refresh.sub
|| (oldSession.refresh.acx && oldSession.refresh.acx.id)
|| (oldSession.refresh.axs && oldSession.refresh.axs.length && oldSession.refresh.axs[0].appScopedId)
;
oldSession.refresh.provider_uri = providerUri; oldSession.refresh.provider_uri = providerUri;
} }
@ -205,7 +218,7 @@
// TODO check session.token.aud against preq.url to make sure they match // TODO check session.token.aud against preq.url to make sure they match
console.warn("[security] session audience checking has not been implemented yet (it's up to you to check)"); console.warn("[security] session audience checking has not been implemented yet (it's up to you to check)");
preq.headers = preq.headers || {}; preq.headers = preq.headers || {};
preq.headers.Authorization = 'Bearer ' + (preq.session.access_token || preq.session.accessToken); preq.headers.Authorization = 'Bearer ' + preq.session.access_token;
} }
if (!oauth3._lintRequest) { if (!oauth3._lintRequest) {