diff --git a/oauth3.issuer.js b/oauth3.issuer.js
index e09aadf..482e1a2 100644
--- a/oauth3.issuer.js
+++ b/oauth3.issuer.js
@@ -370,18 +370,28 @@ OAUTH3.authz.scopes = function (providerUri, session, clientParams) {
 //return generateToken(session, clientObj);
 }
- return OAUTH3.authz.grants(providerUri, {
- method: 'GET' , client_id: clientUri , client_uri: clientUri , session: session
- }).then(function (results) {
- return results.grants;
- }, function (err) {
- if (!/no .*grants .*found/i.test(err.message)) {
- throw err;
+ return OAUTH3.hooks.grants.get(session.token.sub, clientUri).then(function (granted) {
+ if (granted) {
+ if (typeof granted.scope === 'string') {
+ return OAUTH3.scope.parse(granted.scope);
+ } else if (Array.isArray(granted.scope)) {
+ return granted.scope;
+ }
 }
- return [];
+
+ return OAUTH3.authz.grants(providerUri, {
+ method: 'GET' , client_id: clientUri , client_uri: clientUri , session: session
+ }).then(function (results) {
+ return results.grants;
+ }, function (err) {
+ if (!/no .*grants .*found/i.test(err.message)) {
+ throw err;
+ }
+ return [];
+ });
 }).then(function (granted) {
 var requested = OAUTH3.scope.parse(scope);
 var accepted = [];
@@ -413,13 +423,16 @@ OAUTH3.authz.grants = function (providerUri, opts) {
 if (grants.error) {
 return OAUTH3.PromiseA.reject(OAUTH3.error.parse(providerUri, grants));
 }
- if ('POST' === opts.method) {
+ // the responses for GET and POST requests are now the same, so we should alway be able to
+ // use the response and save it the same way.
+ if ('GET' !== opts.method && 'POST' !== opts.method) {
 return grants;
 }
- OAUTH3.hooks.grants.set(grants.sub+'/'+grants.azp, grants.scope);
+ OAUTH3.hooks.grants.set(grants.sub, grants.azp, grants);
 return {
 client: grants.azp
+ , clientSub: grants.azpSub
 , grants: OAUTH3.scope.parse(grants.scope)
 };
 });
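Review bot: Once `OAUTH3.hooks.grants.get(session.token.sub, clientUri)` yields a cached entry with a `scope`, the provider is never consulted for that subject/client pair again, and nothing in this diff expires or invalidates the entry, so a grant revoked or narrowed at the provider keeps being honoured by this client until a later POST overwrites it. The cached value should be treated as a hint rather than the authority — for example store a write timestamp alongside it and fall through to the existing GET when the entry is older than a bounded age, or always issue the GET and use the cache only while it is in flight. Separately, `session.token.sub` replaces the old code's plain `session` pass-through, so a session without `token` now throws a TypeError here (synchronously, unless this `return` already sits inside a promise callback — the start of `scopes` is outside the hunk); a guard such as `if (!session || !session.token) { return OAUTH3.PromiseA.reject(new Error('session token required')); }` keeps the failure on the promise path. The enclosing function starts and ends outside this hunk.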
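Review bot: `OAUTH3.hooks.grants.set(grants.sub, grants.azp, grants)` now persists the whole provider response rather than just `grants.scope`, and nothing here checks that `sub` and `azp` are present; since `hooks.grants.set` (later in this diff) throws synchronously on a missing `id` or `clientUri`, a response without them turns an otherwise successful fetch into a rejection of `authz.grants`. If caching is best-effort, guard it: `if (grants.sub && grants.azp) { OAUTH3.hooks.grants.set(grants.sub, grants.azp, grants); }`. The new comment reads "alway"; it should be "always". `clientSub: grants.azpSub` is not referenced anywhere else in the diff, so whether the provider actually returns `azpSub` cannot be confirmed from here.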
@@ -541,17 +554,23 @@ OAUTH3.requests.accounts.create = function (directive, session, account) {
 };
 OAUTH3.hooks.grants = {
- get: function (clientUri) {
+ get: function (id, clientUri) {
 OAUTH3.hooks._checkStorage('grants', 'get');
+ if (!id) {
+ throw new Error("id is not set");
+ }
 if (!clientUri) {
 throw new Error("clientUri is not set");
 }
 return OAUTH3.PromiseA.resolve(OAUTH3._hooks.grants.get(OAUTH3.uri.normalize(clientUri)));
 }
-, set: function (clientUri, grants) {
+, set: function (id, clientUri, grants) {
 OAUTH3.hooks._checkStorage('grants', 'set');
+ if (!id) {
+ throw new Error("id is not set");
+ }
 if (!clientUri) {
 throw new Error("clientUri is not set");
 }
@@ -650,19 +669,23 @@ OAUTH3.hooks.session.get = function (providerUri, id) {
 OAUTH3._defaultStorage.grants = {
 prefix: 'grants-'
-, get: function (clientUri) {
- var result = JSON.parse(window.localStorage.getItem(this.prefix + clientUri) || 'null');
+, get: function (id, clientUri) {
+ var key = this.prefix + id+'/'+clientUri;
+ var result = JSON.parse(window.localStorage.getItem(key) || 'null');
 return OAUTH3.PromiseA.resolve(result);
 }
-, set: function (clientUri, grants) {
- window.localStorage.setItem(this.prefix + clientUri, JSON.stringify(grants));
+, set: function (id, clientUri, grants) {
+ var key = this.prefix + id+'/'+clientUri;
+ window.localStorage.setItem(key, JSON.stringify(grants));
 return this.get(clientUri);
 }
 , all: function () {
 var prefix = this.prefix;
 var result = {};
 OAUTH3._defaultStorage._getStorageKeys(prefix, window.localStorage).forEach(function (key) {
- result[key.replace(prefix, '')] = JSON.parse(window.localStorage.getItem(key) || 'null');
+ var split = key.replace(prefix, '').split('/');
+ if (!result[split[0]]) { result[split[0]] = {}; }
+ result[split[0]][split[1]] = JSON.parse(window.localStorage.getItem(key) || 'null');
 });
 return OAUTH3.PromiseA.resolve(result);
 }
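Review bot: `get` now validates `id` but still calls `OAUTH3._hooks.grants.get(OAUTH3.uri.normalize(clientUri))` without it, so the default storage's `get(id, clientUri)` (later in this diff) receives the client URI as `id` and `undefined` as `clientUri`, and the lookup made from `authz.scopes` will not match the key that `set` writes. Change the return to `return OAUTH3.PromiseA.resolve(OAUTH3._hooks.grants.get(id, OAUTH3.uri.normalize(clientUri)));`. The corresponding storage call in `set` lies past the end of this hunk, so whether it forwards `id` cannot be confirmed here. Note also that `id` is not normalized the way `clientUri` is, so the two writers must agree on its exact form (`session.token.sub` in `scopes` versus `grants.sub` in `grants`).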
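Review bot: `set` still ends with `return this.get(clientUri);`, but `get` now takes `(id, clientUri)`, so the value returned after a write is read back from the key `grants-<clientUri>/undefined` rather than the one just written; it should be `return this.get(id, clientUri);`. In `all`, `split('/')` with only `split[1]` used truncates any client URI that itself contains a slash (the key is built from the raw `clientUri` a few lines above), so the key should be split on its first slash only. `result` is a plain `{}` tested by truthiness, so an `id` of `__proto__` (the id is `grants.sub` from the provider response) would make `result[split[0]][split[1]] = …` assign onto `Object.prototype`; a null-prototype object avoids that. A rewritten `all` body is below; it skips keys with no slash (the pre-change `grants-<clientUri>` format), which is an assumption to confirm against any migration plan.
```javascript
, all: function () {
    var prefix = this.prefix;
    var result = Object.create(null);
    OAUTH3._defaultStorage._getStorageKeys(prefix, window.localStorage).forEach(function (key) {
      var rest = key.replace(prefix, '');
      var idx = rest.indexOf('/');
      if (idx < 0) { return; }
      var id = rest.slice(0, idx);
      var clientUri = rest.slice(idx + 1);
      if (!result[id]) { result[id] = {}; }
      result[id][clientUri] = JSON.parse(window.localStorage.getItem(key) || 'null');
    });
    // … unchanged: resolve(result) …
```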