coolaj86
/
oauth3.js
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

WIP request rpc

This commit is contained in:
AJ ONeal 2017-11-25 07:46:37 +00:00
parent bc82bb6f1b
commit d015e66f17
1 changed files with 47 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
oauth3.core.js
View File

@ -294,25 +294,23 @@
} }
} }
, urls: { , urls: {
, discover: function (providerUri, opts) { , rpc: function (providerUri, opts) {
if (!providerUri) { if (!providerUri) {
throw new Error("cannot discover without providerUri"); throw new Error("cannot run rpc without providerUri");
} }
if (!opts.client_id) { if (!opts.client_id) {
throw new Error("cannot discover without options.client_id"); throw new Error("cannot run rpc without options.client_id");
} }
var clientId = OAUTH3.url.normalize(opts.client_id || opts.client_uri); var clientId = OAUTH3.url.normalize(opts.client_id || opts.client_uri);
providerUri = OAUTH3.url.normalize(providerUri); providerUri = OAUTH3.url.normalize(providerUri);
var discoverFile = opts.discoverFile || "directives.json";
var params = { var params = {
action: 'directives' //TODO: change this to not be directive specific. Is it even used? state: opts.state || OAUTH3.utils.randomState()
, state: opts.state || OAUTH3.utils.randomState()
, redirect_uri: clientId + (opts.client_callback_path || '/.well-known/oauth3/callback.html#/') , redirect_uri: clientId + (opts.client_callback_path || '/.well-known/oauth3/callback.html#/')
, response_type: 'rpc' , response_type: 'rpc'
, discoverFile: opts.discoveFile || "directives.json"
, _method: 'GET' , _method: 'GET'
, _pathname: '.well-known/oauth3/directives.json' , _scheme: opts._scheme
, _pathname: opts._pathname
, debug: opts.debug || undefined , debug: opts.debug || undefined
}; };
@ -325,6 +323,13 @@
return toRequest; return toRequest;
} }
, discover: function (providerUri, opts) {
return OAUTH3.urls.directives(providerUri, opts);
}
, directives: function (providerUri, opts) {
opts._pathname = ".well-known/oauth3/scopes.json";
return OAUTH3.urls.rpc(providerUri, opts);
}
, implicitGrant: function (directive, opts) { , implicitGrant: function (directive, opts) {
// //
// Example Implicit Grant Request // Example Implicit Grant Request
@ -669,21 +674,26 @@
} }
} }
, discoverScopes: function (providerUri, opts) { , discoverScopes: function (providerUri, opts) {
return OAUTH.scopes(providerUri, opts);
}
, scopes: function (providerUri, opts) {
if (!providerUri) { if (!providerUri) {
throw new Error('oauth3.discoverScopes(providerUri, opts) received providerUri as :', providerUri); throw new Error('oauth3.discoverScopes(providerUri, opts) received providerUri as :', providerUri);
} }
var opts = opts || {}; opts = opts || {};
opts.discoverFile = "scopes.json"; opts._pathname = ".well-known/oauth3/scopes.json";
//TODO: add caching //TODO: add caching
return OAUTH3._discoverHelper(providerUri, opts).then(function(scopes) { return OAUTH3._rpcHelper(providerUri, opts).then(function(scopes) {
return scopes; return scopes;
}); });
} }
, discover: function (providerUri, opts) { , discover: function (providerUri, opts) {
return OAUTH3.directives(providerUri, opts);
}
, directives: function (providerUri, opts) {
if (!providerUri) { if (!providerUri) {
throw new Error('oauth3.discover(providerUri, opts) received providerUri as :', providerUri); throw new Error('oauth3.discover(providerUri, opts) received providerUri as :', providerUri);
} }
@ -693,7 +703,8 @@
return directives; return directives;
} }
return OAUTH3._discoverHelper(providerUri, opts).then(function (directives) { opts._pathname = ".well-known/oauth3/directives.json";
return OAUTH3._rpcHelper(providerUri, opts).then(function (directives) {
directives.azp = directives.azp || OAUTH3.url.normalize(providerUri); directives.azp = directives.azp || OAUTH3.url.normalize(providerUri);
directives.issuer = directives.issuer || OAUTH3.url.normalize(providerUri); directives.issuer = directives.issuer || OAUTH3.url.normalize(providerUri);
directives.api = OAUTH3.url.normalize((directives.api||':hostname').replace(/:hostname/, OAUTH3.uri.normalize(directives.issuer) || OAUTH3.uri.normalize(providerUri))); directives.api = OAUTH3.url.normalize((directives.api||':hostname').replace(/:hostname/, OAUTH3.uri.normalize(directives.issuer) || OAUTH3.uri.normalize(providerUri)));
@ -702,9 +713,8 @@
}); });
}); });
} }
, _discoverHelper: function(providerUri, opts) { , _rpcHelper: function(providerUri, opts) {
opts.discoverFile = "directives.json"; return OAUTH3._browser.rpc(providerUri, opts);
return OAUTH3._browser.discover(providerUri, opts);
} }
, request: function (preq, opts) { , request: function (preq, opts) {
function fetch() { function fetch() {
@ -884,28 +894,28 @@
// //
, _browser: { , _browser: {
window: 'undefined' !== typeof window ? window : null window: 'undefined' !== typeof window ? window : null
// TODO we don't need to include this if we're using jQuery or angular , rpc: function(providerUri, opts) {
, discover: function(providerUri, opts) {
opts = opts || {}; opts = opts || {};
providerUri = OAUTH3.url.normalize(providerUri); providerUri = OAUTH3.url.normalize(providerUri);
// If no discoverFile was specified, who knows what they want, but // TODO SECURITY should we whitelist our own self?
// this function used to only support directives.json, so it's worth
// a shot.
var discoverFile = opts.discoverFile || "directives.json";
if (OAUTH3.uri.normalize(providerUri).replace(/\/.*/, '') === OAUTH3.uri.normalize(OAUTH3._browser.window.location.hostname)) { if (OAUTH3.uri.normalize(providerUri).replace(/\/.*/, '') === OAUTH3.uri.normalize(OAUTH3._browser.window.location.hostname)) {
console.warn("It looks like you're a provider trying to discover on yourself," console.warn("It looks like you're a provider trying to run rpc on yourself,"
+ " so we we're just gonna use" + " so we we're just gonna use"
+ " OAUTH3.request({ method: 'GET', url: " + " OAUTH3.request({ method: 'GET', url: "
+ "'/.well-known/oauth3/" + discoverFile + "' })"); + "'" + opts._pathname + "' })");
return OAUTH3.request({ if (/localstorage/i.test(opts._scheme)) {
method: 'GET' return OAUTH3.PromiseA.resolve(localStorage.getItem(opts._pathname));
, url: OAUTH3.url.normalize(providerUri) + '/.well-known/oauth3/' + discoverFile }
}).then(function (resp) { else {
return resp.data; return OAUTH3.request({
}); method: 'GET'
, url: OAUTH3.url.normalize(providerUri) + opts._pathname // '/.well-known/oauth3/' + discoverFile
}).then(function (resp) {
return resp.data;
});
}
} }
if (!(opts.client_id || opts.client_uri).match(OAUTH3._browser.window.location.hostname)) { if (!(opts.client_id || opts.client_uri).match(OAUTH3._browser.window.location.hostname)) {
@ -914,18 +924,20 @@
console.warn(opts.client_id || opts.client_uri, OAUTH3._browser.window.location.hostname); console.warn(opts.client_id || opts.client_uri, OAUTH3._browser.window.location.hostname);
} }
var discReq = OAUTH3.urls.discover( var discReq = OAUTH3.urls.rpc(
providerUri providerUri
, { client_id: (opts.client_id || opts.client_uri || OAUTH3.clientUri(OAUTH3._browser.window.location)) , { client_id: (opts.client_id || opts.client_uri || OAUTH3.clientUri(OAUTH3._browser.window.location))
, windowType: opts.broker && opts.windowType || 'background' , windowType: opts.broker && opts.windowType || 'background'
, broker: opts.broker , broker: opts.broker
, state: opts._state || undefined , state: opts._state || undefined
, debug: opts.debug , debug: opts.debug
, discoverFile: opts.discoverFile , _scheme: opts._scheme
, _pathname: opts._pathname
, _method: opts._method
} }
); );
opts._state = discReq.state; opts._state = discReq.state;
//var discReq = OAUTH3.urls.discover(providerUri, opts); //var discReq = OAUTH3.urls.rpc(providerUri, opts);
// hmm... we're gonna need a broker for this since switching windows is distracting, // hmm... we're gonna need a broker for this since switching windows is distracting,
// popups are obnoxious, iframes are sometimes blocked, and most servers don't implement CORS // popups are obnoxious, iframes are sometimes blocked, and most servers don't implement CORS