From a839a68235ef74aa5488b5fa95c8f10b8d30a68f Mon Sep 17 00:00:00 2001 From: drewwarren Date: Fri, 24 Feb 2017 14:18:45 -0500 Subject: [PATCH 1/2] bugfix hooks; chimney --- oauth3.core.js | 55 +++++++++++++++++++++++++++--------------------- oauth3.issuer.js | 24 ++------------------- 2 files changed, 33 insertions(+), 46 deletions(-) diff --git a/oauth3.core.js b/oauth3.core.js index 3396a65..4153afd 100644 --- a/oauth3.core.js +++ b/oauth3.core.js @@ -394,11 +394,11 @@ } , hooks: { directives: { - _get: function (providerUri) { + get: function (providerUri) { providerUri = OAUTH3.uri.normalize(providerUri); if (!OAUTH3.hooks.directives._cache) { OAUTH3.hooks.directives._cache = {}; } return OAUTH3.PromiseA.resolve(OAUTH3.hooks.directives._cache[providerUri] - || OAUTH3.hooks.directives.get(providerUri)) + || OAUTH3.hooks.directives._get(providerUri)) .then(function (directives) { // or do .then(this._set) to keep DRY? OAUTH3.hooks.directives._cache[providerUri] = directives; 
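Review bot: Renaming the caching wrapper to `get` and the storage hook to `_get` (and `set`/`_set` in the next hunk) inverts the names integrators were told to override, and nothing in the change documents that. The removed warning asked for `OAUTH3.hooks.directives.get = function (providerUri) { return directives; }`; an application that followed it now replaces the caching wrapper, and `discover` calls `OAUTH3.hooks.directives.get(providerUri).then(...)`, which would fail on a plain object return. I would add a comment above `get` such as `// public entry point: always returns a promise; override _get/_set for storage, not get/set`, and call the rename out in the release notes. The `hooks` object starts and ends outside this hunk.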
@@ -409,18 +409,18 @@ providerUri = OAUTH3.uri.normalize(providerUri); return OAUTH3.hooks.directives._cache[providerUri]; } - , get: function (providerUri) { - console.warn('[Warn] You should implement: OAUTH3.hooks.directives.get = function (providerUri) { return directives; }'); - return JSON.parse(window.localStorage.getItem('directives-' + providerUri) || '{}'); - } - , _set: function (providerUri, directives) { + , set: function (providerUri, directives) { providerUri = OAUTH3.uri.normalize(providerUri); if (!OAUTH3.hooks.directives._cache) { OAUTH3.hooks.directives._cache = {}; } OAUTH3.hooks.directives._cache[providerUri] = directives; - return OAUTH3.PromiseA.resolve(OAUTH3.hooks.directives.set(providerUri, directives)); + return OAUTH3.PromiseA.resolve(OAUTH3.hooks.directives._set(providerUri, directives)); } - , set: function (providerUri, directives) { - console.warn('[Warn] You should implement: OAUTH3.hooks.directives.set = function (providerUri, directives) { return directives; }'); + , _get: function (providerUri) { + console.warn('[Warn] Please implement OAUTH3.hooks.directives._get = function (providerUri) { return PromiseA; }'); + return JSON.parse(window.localStorage.getItem('directives-' + providerUri) || '{}'); + } + , _set: function (providerUri, directives) { + console.warn('[Warn] Please implement OAUTH3.hooks.directives._set = function (providerUri, directives) { return PromiseA; }'); window.localStorage.setItem('directives-' + providerUri, JSON.stringify(directives)); return directives; } 
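Review bot: The default `_get` parses whatever is stored under `'directives-' + providerUri` with no error handling, and `get` evaluates it as the argument of `OAUTH3.PromiseA.resolve(...)`, so a malformed entry throws synchronously instead of producing a rejection. A caller chaining `.then`/`.catch` on `directives.get` never sees that failure as a rejected promise, and the bad entry stays in storage, so every later call fails the same way. Treating an unreadable entry as a cache miss and removing it keeps discovery working. The `session._get` default added in the `@@ -507` hunk has the same shape and would need the same guard.

```javascript
, _get: function (providerUri) {
    // … unchanged: console.warn asking integrators to implement _get …
    var key = 'directives-' + providerUri;
    try {
      return JSON.parse(window.localStorage.getItem(key) || '{}');
    } catch (e) {
      // unreadable entry: drop it and report a cache miss so discovery runs again
      window.localStorage.removeItem(key);
      return {};
    }
  }
```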
@@ -507,29 +507,38 @@ return newSession; // oauth3.hooks.refreshSession(expiredSession, newSession); }); } + , _getCached: function (providerUri) { + providerUri = OAUTH3.uri.normalize(providerUri); + return OAUTH3.hooks.session._sessions[providerUri]; + } , set: function (providerUri, newSession) { if (!providerUri) { console.error(new Error('no providerUri').stack); throw new Error("providerUri is not set"); } providerUri = OAUTH3.uri.normalize(providerUri); - console.warn('[Warn] Please implement OAUTH3.hooks.session.set = function (providerUri, newSession) { return PromiseA; }'); if (!OAUTH3.hooks.session._sessions) { OAUTH3.hooks.session._sessions = {}; } OAUTH3.hooks.session._sessions[providerUri] = newSession; - return OAUTH3.PromiseA.resolve(newSession); - } - , _getCached: function (providerUri) { - providerUri = OAUTH3.uri.normalize(providerUri); - return OAUTH3.hooks.session._sessions[providerUri]; + return OAUTH3.PromiseA.resolve(OAUTH3.hooks.session._set(providerUri, newSession)); } , get: function (providerUri) { providerUri = OAUTH3.uri.normalize(providerUri); if (!providerUri) { throw new Error("providerUri is not set"); } - console.warn('[Warn] Please implement OAUTH3.hooks.session.get = function (providerUri) { return PromiseA; }'); if (!OAUTH3.hooks.session._sessions) { OAUTH3.hooks.session._sessions = {}; } - return OAUTH3.PromiseA.resolve(OAUTH3.hooks.session._sessions[providerUri] || null); + + return OAUTH3.PromiseA.resolve(OAUTH3.hooks.session._sessions[providerUri] + || OAUTH3.hooks.session._get(providerUri) || null); + } + , _get: function (providerUri) { + console.warn('[Warn] Please implement OAUTH3.hooks.session._get = function (providerUri) { return PromiseA; }'); + return JSON.parse(window.localStorage.getItem('session-' + providerUri) || '{}'); + } + , _set: function (providerUri, newSession) { + console.warn('[Warn] Please implement OAUTH3.hooks.session._set = function (providerUri, newSession) { return PromiseA; }'); + 
window.localStorage.setItem('session-' + providerUri, JSON.stringify(newSession)); + return newSession; } } } @@ -538,15 +547,16 @@ throw new Error('oauth3.discover(providerUri, opts) received providerUri as ' + providerUri); } - return OAUTH3.hooks.directives._get(providerUri).then(function (directives) { + return OAUTH3.hooks.directives.get(providerUri).then(function (directives) { if (directives && directives.issuer) { return directives; } + return OAUTH3._discoverHelper(providerUri, opts).then(function (directives) { directives.azp = directives.azp || OAUTH3.url.normalize(providerUri); directives.issuer = directives.issuer || OAUTH3.url.normalize(providerUri); // OAUTH3.PromiseA.resolve() is taken care of because this is wrapped - return OAUTH3.hooks.directives._set(providerUri, directives); + return OAUTH3.hooks.directives.set(providerUri, directives); }); }); } @@ -713,7 +723,6 @@ method: 'GET' , url: OAUTH3.url.normalize(providerUri) + '/.well-known/oauth3/directives.json' }).then(function (resp) { - console.log('raw directives', resp); return resp.data; }); } @@ -763,7 +772,7 @@ // TODO params should have response_type indicating json, binary, etc var directives = JSON.parse(OAUTH3._base64.decodeUrlSafe(params.result || params.directives)); - // caller will call OAUTH3.hooks.directives._set(providerUri, directives); + // caller will call OAUTH3.hooks.directives.set(providerUri, directives); return directives; }); } @@ -1011,7 +1020,6 @@ return me.init().then(function () { // this should be synchronous the second time around return OAUTH3.discover(me._providerUri, { client_id: me._clientUri }).then(function (directives) { - console.log("setProvider", directives); me._providerDirectives = directives; return directives; }); 
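Review bot: The new `session._get` default returns `{}` when nothing is stored, so in `get` the expression `_sessions[providerUri] || OAUTH3.hooks.session._get(providerUri) || null` can never reach `null`, and a signed-out user resolves to an empty but truthy session object. Changing the fallback literal fixes that: `return JSON.parse(window.localStorage.getItem('session-' + providerUri) || 'null');`. Separately, the `_set` default now writes the whole session to `localStorage`, where it outlives the tab and is readable by any script running on the origin. If the session carries tokens (not visible in this hunk), the default should either say so in a comment or keep sessions in memory or `sessionStorage`, leaving persistent storage to the integrator's `_set`.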
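Review bot: `discover` returns any cached value that has an `issuer` field and only falls back to `_discoverHelper` when it is missing, so with the default `localStorage`-backed `_get` a stored directives entry is never refreshed. A stale or altered entry would keep supplying the endpoints used by later logins until the storage is cleared by hand. Consider recording a fetch time when `set` stores the directives and re-running discovery once a maximum age has passed; at minimum a comment such as `// cached directives are trusted as-is; no expiry yet` above the `directives.issuer` check would flag it. The function body begins before this hunk.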
@@ -1022,7 +1030,6 @@ opts = opts || {}; opts.client_uri = me._clientUri; - console.log('login', me._providerDirectives); return OAUTH3.implicitGrant(me._providerDirectives, opts).then(function (session) { me._session = true; return session; diff --git a/oauth3.issuer.js b/oauth3.issuer.js index f0fbc51..77c5c28 100644 --- a/oauth3.issuer.js +++ b/oauth3.issuer.js @@ -245,7 +245,6 @@ OAUTH3.authn.loginMeta = function (directive, opts) { }); }; OAUTH3.authn.otp = function (directive, opts) { - console.log('OTP directive', directive); var preq = { method: directive.credential_otp.method || 'POST' , url: OAUTH3.url.resolve(directive.issuer, directive.credential_otp.url) @@ -258,11 +257,10 @@ OAUTH3.authn.otp = function (directive, opts) { , username: opts.email } }; - console.log('OTP preq', preq); + return OAUTH3.request(preq); }; OAUTH3.authn.resourceOwnerPassword = function (directive, opts) { - console.log('ginger bread man'); var providerUri = directive.issuer; //var scope = opts.scope; @@ -276,6 +274,7 @@ OAUTH3.authn.resourceOwnerPassword = function (directive, opts) { if (data.error) { return OAUTH3.PromiseA.reject(OAUTH3.error.parse(providerUri, data.error)); } + return OAUTH3.hooks.session.refresh( opts.session || { provider_uri: providerUri, client_uri: opts.client_uri || opts.clientUri } , data @@ -296,17 +295,6 @@ OAUTH3.authz.scopes = function (providerUri, session, clientParams) { scope = 'oauth3_authn'; } - //$('.js-user-avatar').attr('src', userAvatar); - - /* - console.log('grants options'); - console.log(loc.hash); - console.log(loc.search); - console.log(clientObj); - console.log(session.token); - console.log(window.document.referrer); - */ - return OAUTH3.authz.grants(providerUri, { method: 'GET' , client_id: clientUri 
@@ -388,8 +376,6 @@ OAUTH3.authz.grants = function (providerUri, opts) { client_id: providerUri , debug: opts.debug }).then(function (directive) { - console.log('providerUri', providerUri); - console.log('directive', directive); return OAUTH3.request(OAUTH3.urls.grants(directive, opts), opts).then(function (grantsResult) { if ('POST' === opts.method) { @@ -403,8 +389,6 @@ OAUTH3.authz.grants = function (providerUri, opts) { return OAUTH3.PromiseA.reject(OAUTH3.error.parse(grants.error)); } - console.warn('requests.grants', grants); - OAUTH3.hooks.grants.set(opts.client_id + '-client', grants.client); grants.grants.forEach(function (grant) { var clientId = grant.client_id || grant.oauth_client_id || grant.oauthClientId; @@ -420,8 +404,6 @@ OAUTH3.authz.grants = function (providerUri, opts) { }); }; OAUTH3.authz.redirectWithToken = function (providerUri, session, clientParams, scopes) { - console.info('redirectWithToken scopes'); - console.log(scopes); scopes.new = scopes.new || []; @@ -437,8 +419,6 @@ OAUTH3.authz.redirectWithToken = function (providerUri, session, clientParams, s , session: session , debug: clientParams.debug }).then(function (results) { - console.info('generate token results'); - console.info(results); OAUTH3.url.redirect(clientParams, scopes, results); }); From f0219f2a5fda9aa9be733e8bba23f50fa3db6336 Mon Sep 17 00:00:00 2001 From: drewwarren Date: Fri, 24 Feb 2017 15:05:07 -0500 Subject: [PATCH 2/2] bugfix missing providerUri --- oauth3.core.js | 5 ++++- oauth3.issuer.js | 24 ++++++++++++------------ 2 files changed, 16 insertions(+), 13 deletions(-) diff --git a/oauth3.core.js b/oauth3.core.js index 4153afd..13eca66 100644 --- a/oauth3.core.js +++ b/oauth3.core.js 
@@ -667,7 +667,10 @@ if (data.error) { return OAUTH3.PromiseA.reject(OAUTH3.error.parse(providerUri, data)); } - return OAUTH3.hooks.session.refresh(opts, data); + return OAUTH3.hooks.session.refresh( + opts.session || { provider_uri: providerUri, client_uri: opts.client_uri || opts.clientUri } + , data + ); }); }); } diff --git a/oauth3.issuer.js b/oauth3.issuer.js index 1fa05f0..a0aed1c 100644 --- a/oauth3.issuer.js +++ b/oauth3.issuer.js 
@@ -131,18 +131,18 @@ OAUTH3.urls.resourceOwnerPassword = function (directive, opts) { var args = directive[type]; var otpCode = opts.otp || opts.otpCode || opts.otp_code || opts.otpToken || opts.otp_token || undefined; var params = { - "client_id": opts.client_id || opts.client_uri - , "client_uri": opts.client_uri - , "grant_type": grantType - , "username": opts.username - , "password": opts.password || otpCode || undefined - , "totp": opts.totp || opts.totpToken || opts.totp_token || undefined - , "otp": otpCode - , "password_type": otpCode && 'otp' - , "otp_code": otpCode - , "otp_uuid": opts.otpUuid || opts.otp_uuid || undefined - , "user_agent": opts.userAgent || opts.useragent || opts.user_agent || undefined // AJ's Macbook - , "jwk": (opts.rememberDevice || opts.remember_device) && opts.jwk || undefined + client_id: opts.client_id || opts.client_uri + , client_uri: opts.client_uri + , grant_type: grantType + , username: opts.username + , password: opts.password || otpCode || undefined + , totp: opts.totp || opts.totpToken || opts.totp_token || undefined + , otp: otpCode + , password_type: otpCode && 'otp' + , otp_code: otpCode + , otp_uuid: opts.otpUuid || opts.otp_uuid || undefined + , user_agent: opts.userAgent || opts.useragent || opts.user_agent || undefined // AJ's Macbook + , jwk: (opts.rememberDevice || opts.remember_device) && opts.jwk || undefined //, "public_key": opts.rememberDevice && opts.publicKey || undefined //, "public_key_type": opts.rememberDevice && opts.publicKeyType || undefined // RSA/ECDSA //, "jwt": opts.jwt // TODO sign a proof with a previously loaded public_key