Merge branch 'v1.2-next' of ssh://git.oauth3.org/OAuth3/oauth3.js into v1.2-next

navigator.auth.js

@@ -0,0 +1,96 @@
+(function () {
+'use strict';
+
+function create(myOpts) {
+  return {
+    requestScope: function (opts) {
+      // TODO pre-generate URL
+
+      // deliver existing session if it exists
+      var scope = opts && opts.scope || [];
+      if (myOpts.session) {
+        if (!scope.length || scope.every(function (scp) {
+          return -1 !== opts.myOpts.session.scope.indexOf(scp);
+        })) {
+          return OAUTH3.PromiseA.resolve(myOpts.session);
+        }
+      }
+
+      // request a new session otherwise
+      return OAUTH3.implicitGrant(myOpts.directives, {
+        client_id: myOpts.conf.client_uri
+      , client_uri: myOpts.conf.client_uri
+        // maybe use inline instead?
+      , windowType: 'popup'
+      , scope: scope
+      }).then(function (session) {
+        return session;
+      });
+    }
+  , session: function () {
+      return myOpts.session;
+    }
+  , refresh: function (session) {
+      return OAUTH3.implicitGrant(myOpts.directives, {
+        client_id: myOpts.conf.client_uri
+      , client_uri: myOpts.conf.client_uri
+      , windowType: 'background'
+      }).then(function (_session) {
+        session = _session;
+        return session;
+      });
+    }
+  , logout: function () {
+      return OAUTH3.logout(myOpts.directives, {
+        client_id: myOpts.conf.client_uri
+      , client_uri: myOpts.conf.client_uri
+      });
+    }
+  , switchUser: function () {
+      // should open dialog with user selection dialog
+    }
+  }
+}
+
+window.navigator.auth = {
+  getUserAuthenticator: function (opts) {
+    var conf = {};
+    var directives;
+    var session;
+
+    opts = opts || {};
+    conf.client_uri = opts.client_uri || OAUTH3.clientUri(opts.location || window.location);
+
+    return OAUTH3.issuer({ broker: opts.issuer_uri || 'https://new.oauth3.org' }).then(function (issuer) {
+      conf.issuer_uri = issuer;
+      conf.provider_uri = issuer;
+
+      return OAUTH3.directives(conf.provider_uri, {
+        client_id: conf.client_uri
+      , client_uri: conf.client_uri
+      }).then(function (_directives) {
+        directives = _directives;
+        var myOpts = {
+          directives: directives
+        , conf: conf
+        };
+
+        return OAUTH3.implicitGrant(directives, {
+          client_id: conf.client_uri
+        , client_uri: conf.client_uri
+        , windowType: 'background'
+        }).then(function (_session) {
+          session = _session;
+          myOpts.session = session;
+          return create(myOpts);
+        }, function (err) {
+          console.error('[DEBUG] implicitGrant err:');
+          console.error(err);
+          return create(myOpts);
+        });
+      });
+    });
+  }
+};
+
+}());

oauth3.core.js

@@ -176,7 +176,7 @@
     }
   , scope: {
       parse: function (scope) {
-        return (scope||'').split(/[+, ]+/g);
+        return (scope||'').toString().split(/[+, ]+/g);
       }
     , stringify: function (scope) {
         if (Array.isArray(scope)) {
@@ -896,7 +896,8 @@
       if (!opts) { opts = {}; }
 
       // TODO this will default to browserlogin.org
-      var broker = opts.broker || 'https://broker.oauth3.org';
+      var broker = opts.broker || 'https://new.oauth3.org';
+      //var broker = opts.broker || 'https://broker.oauth3.org';
 
       opts._rpc = "broker";
       opts._scheme = "localstorage:";
@@ -1016,12 +1017,19 @@
         });
       });
     }
-  , logout: function(providerUri, opts) {
+  , logout: function(issuerUri, opts) {
-      return OAUTH3.hooks.directives.get(providerUri).then(function (directives) {
+      var directives;
+      if ('string' !== typeof issuerUri) {
+        directives = issuerUri;
+        return OAUTH3._logoutHelper(directives, opts);
+      }
+
+      return OAUTH3.hooks.directives.get(issuerUri).then(function (directives) {
         return OAUTH3._logoutHelper(directives, opts);
       });
     }
-  , _logoutHelper: function(providerUri, directives, opts) {
+  , _logoutHelper: function(directives, opts) {
+      var issuerUri = directives.issuer_uri || directives.provider_uri;
       var logoutReq = OAUTH3.urls.logout(
         directives
       , { client_id: (opts.client_id || opts.client_uri || OAUTH3.clientUri(OAUTH3._browser.window.location))
@@ -1044,10 +1052,10 @@
 
         if (params.error) {
           // TODO directives.audience
-          return OAUTH3.PromiseA.reject(OAUTH3.error.parse(directives.issuer /*providerUri*/, params));
+          return OAUTH3.PromiseA.reject(OAUTH3.error.parse(directives.issuer /*issuerUri*/, params));
         }
 
-        OAUTH3.hooks.session.clear(providerUri);
+        OAUTH3.hooks.session.clear(issuerUri);
         return params;
       });
     }

oauth3.issuer.js

@@ -371,8 +371,8 @@ OAUTH3.authn.resourceOwnerPassword = function (directive, opts) {
 OAUTH3.authz = {};
 OAUTH3.authz.scopes = function (providerUri, session, clientParams) {
   var clientUri = OAUTH3.uri.normalize(clientParams.client_uri || OAUTH3._browser.window.document.referrer);
-  var scope = clientParams.scope || 'oauth3_authn';
+  var scope = clientParams.scope || 'authn@oauth3.org';
-  if ('oauth3_authn' === scope) {
+  if ('authn@oauth3.org' === scope.toString()) {
     // implicit ppid grant is automatic
     console.warn('[security] fix scope checking on backend so that we can do automatic grants');
     // TODO check user preference if implicit ppid grant is allowed

oauth3.issuer.mock.js

@@ -27,9 +27,9 @@
 
   OAUTH3.authz.scopes = function () {
     return OAUTH3.PromiseA.resolve({
-      pending: ['oauth3_authn']   // not yet accepted
+      pending: [ 'authn@oauth3.org' ]     // not yet accepted
     , granted: []                         // all granted, ever
-    , requested: ['oauth3_authn'] // all requested, now
+    , requested: [ 'authn@oauth3.org' ]   // all requested, now
     , accepted: []                        // granted (ever) and requested (now)
     });
   };