creating, publishing, and storing a key pair for remember_device

This commit is contained in:
tigerbot 2017-07-28 17:55:19 -06:00
parent 39c18ab184
commit 84a574e31b
1 changed files with 59 additions and 15 deletions


@ -261,6 +261,32 @@ OAUTH3.urls.clientToken = function (directive, opts) {
, session: opts.session , session: opts.session
}; };
}; };
OAUTH3.urls.publishKey = function (directive, opts) {
var jwkDir = directive.publish_jwk;
if (!jwkDir) {
throw new Error("provider doesn't support publishing public keys");
}
if (!opts) {
throw new Error("You must supply a directive and an options object.");
}
if (!opts.session) {
throw new Error("You must supply 'options.session'.");
}
if (!(opts.public_key || opts.publicKey)) {
throw new Error("You must supply 'options.public_key'.");
}
var url = OAUTH3.url.resolve(directive.api, jwkDir.url)
.replace(/(:sub|:account_id)/g, opts.session.token.sub)
;
return {
method: jwkDir.method || opts.method || 'POST'
, url: url
, data: opts.public_key
, session: opts.session
};
};
OAUTH3.authn = {}; OAUTH3.authn = {};
OAUTH3.authn.loginMeta = function (directive, opts) { OAUTH3.authn.loginMeta = function (directive, opts) {
@ -294,23 +320,41 @@ OAUTH3.authn.otp = function (directive, opts) {
OAUTH3.authn.resourceOwnerPassword = function (directive, opts) { OAUTH3.authn.resourceOwnerPassword = function (directive, opts) {
var providerUri = directive.issuer; var providerUri = directive.issuer;
//var scope = opts.scope; return OAUTH3.request(OAUTH3.urls.resourceOwnerPassword(directive, opts)).then(function (resp) {
//var appId = opts.appId; var data = resp.data;
return OAUTH3.discover(providerUri, opts).then(function (directive) { data.provider_uri = providerUri;
var prequest = OAUTH3.urls.resourceOwnerPassword(directive, opts); if (data.error) {
return OAUTH3.PromiseA.reject(OAUTH3.error.parse(providerUri, data));
}
// TODO return not the raw request? return OAUTH3.hooks.session.refresh(
return OAUTH3.request(prequest).then(function (req) { opts.session || { provider_uri: providerUri, client_uri: opts.client_uri || opts.clientUri }
var data = req.data; , data
data.provider_uri = providerUri; );
if (data.error) { }).then(function (session) {
return OAUTH3.PromiseA.reject(OAUTH3.error.parse(providerUri, data)); if (!opts.rememberDevice && !opts.remember_device) {
return session;
}
return OAUTH3.PromiseA.resolve().then(function () {
if (!OAUTH3.crypto) {
throw new Error("OAuth3 crypto library unavailable");
} }
return OAUTH3.hooks.session.refresh( return OAUTH3.crypto.createKeyPair().then(function (keyPair) {
opts.session || { provider_uri: providerUri, client_uri: opts.client_uri || opts.clientUri } return OAUTH3.request(OAUTH3.urls.publishKey(directive, {
, data session: session
); , publicKey: keyPair.publicKey
})).then(function () {
return OAUTH3.hooks.keyPairs.set(session.token.sub, keyPair);
});
});
}).then(function () {
return session;
}, function (err) {
console.error('failed to save keys to remember device', err);
window.alert('Failed to remember device');
return session;
}); });
}); });
}; };
@ -335,7 +379,7 @@ OAUTH3.authz.scopes = function (providerUri, session, clientParams) {
return results.grants; return results.grants;
}, function (err) { }, function (err) {
if (!/no .*grants .*found/i.test(err.message)) { if (!/no .*grants .*found/i.test(err.message)) {
console.error(err); throw err;
} }
return []; return [];
}).then(function (granted) { }).then(function (granted) {
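Review bot: `OAUTH3.urls.publishKey` (first hunk) accepts either `opts.public_key` or `opts.publicKey` in its argument check but builds the request with `data: opts.public_key` only, and the new caller in `resourceOwnerPassword` passes `publicKey: keyPair.publicKey`, so the publish request appears to go out with an undefined body; change it to `, data: opts.public_key || opts.publicKey`. The same function splices `opts.session.token.sub` into the URL path unencoded, so a subject containing `/`, `?` or `#` would alter the request target; use `.replace(/(:sub|:account_id)/g, encodeURIComponent(opts.session.token.sub))`. In the remember-device branch the rejection handler logs the error, shows `window.alert`, and still resolves with the session, so a caller cannot tell whether the device was actually remembered, and if the publish succeeds but `OAUTH3.hooks.keyPairs.set` then fails the provider is left holding a public key the client can no longer use; consider rethrowing or returning an explicit flag. A one-line comment on that branch stating where `keyPairs.set` persists the private key (and that it must never leave the device) would help, since the hunk does not show that hook.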