// TODO move to a test / lint suite?
/**
 * Smoke-tests a Promise constructor for the behaviour the rest of this file relies on.
 *
 * The checks, in order:
 *   [0] the executor passed to `new PromiseA(...)` runs synchronously;
 *   [1] a `.then` callback on `PromiseA.resolve()` runs asynchronously;
 *   [2] a rejection handler on `PromiseA.reject()` runs asynchronously;
 *   and an error raised inside a handler reaches the trailing `.catch`.
 *
 * @param {Function} PromiseA - Promise constructor under test.
 * @returns {Object} a PromiseA instance that resolves with `{ success: true }`
 *   when every check passes and rejects with the failing check's Error otherwise.
 */
oauth3._lintPromise = function (PromiseA) {
  // `stage` records how far the *synchronous* code has progressed; every
  // callback compares it with the value it must see if it ran at the right time.
  var stage = 1;

  var lintResult = new PromiseA(function (resolve, reject) {
    // Still 1 only if the executor runs before `stage = 2` at the bottom.
    if (1 !== stage) {
      throw new Error("bad promise, create not Synchronous [0]");
    }

    // The deliberately raised "[NOT AN ERROR]" failure is the success signal;
    // anything else is a real lint failure.
    function settle(e) {
      if (e.message.match('NOT AN ERROR')) {
        resolve({ success: true });
        return;
      }
      reject(e);
    }

    PromiseA.resolve().then(function () {
      // By now the executor set 3 and the outer function then set 2.
      if (2 !== stage) {
        throw new Error("bad promise, resolve not Asynchronous [1]");
      }

      var rejectionCheck = PromiseA.reject().then(reject, function () {
        // Must run after `stage = 4` below, i.e. asynchronously.
        if (4 !== stage) {
          throw new Error("bad promise, reject not Asynchronous [2]");
        }

        // When `angular` is defined the failure is returned as a rejected
        // promise instead of being thrown.
        if ('undefined' !== typeof angular) {
          return PromiseA.reject(new Error("[NOT AN ERROR] ignore this error-handling test"));
        }
        throw new Error("[NOT AN ERROR] Dear angular users: ignore this error-handling test");
      });

      stage = 4;

      return rejectionCheck;
    }).catch(settle);

    stage = 3;
  });

  stage = 2;
  return lintResult;
};
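/**
 * Decodes the directives a provider returned during discovery, performs a
 * minimal shape check, and caches them in localStorage.
 *
 * @param {string} providerUri - identifier of the provider the directives came from;
 *   used in error messages and as part of the localStorage key.
 * @param {string} directives - base64-encoded JSON document supplied by the provider.
 * @returns {Object} an OAUTH3.PromiseA that resolves with the decoded directives
 *   (with `provider_uri` added), or rejects with an Error whose `code` is
 *   E_UNKNOWN_ERROR, E_PARSE_DIRECTIVE or E_INVALID_DIRECTIVE.
 */
oauth3._lintDirectives = function (providerUri, directives) {
  var params = { directives: directives };
  var err;

  console.log('DEBUG oauth3._discoverHelper', directives);

  if (!params.directives) {
    err = new Error(params.error_description || "Unknown error when discoving provider '" + providerUri + "'");
    err.code = params.error || "E_UNKNOWN_ERROR";
    return OAUTH3.PromiseA.reject(err);
  }

  try {
    directives = JSON.parse(atob(params.directives));
    console.log('DEBUG oauth3._discoverHelper directives', directives);
  } catch(e) {
    err = new Error(params.error_description || "could not parse directives for provider '" + providerUri + "'");
    err.code = params.error || "E_PARSE_DIRECTIVE";
    return OAUTH3.PromiseA.reject(err);
  }

  // The payload is provider-controlled. JSON.parse can legitimately return
  // null or a primitive (e.g. the document "null"), so confirm we hold an
  // object before reading properties; otherwise this would throw
  // synchronously instead of returning a rejected promise.
  if (
    directives
    && 'object' === typeof directives
    && (
      (directives.authorization_dialog && directives.authorization_dialog.url)
      || (directives.access_token && directives.access_token.url)
    )
  ) {
    // TODO lint directives
    // NOTE(review): the only validation is that one of the two `url` fields is
    // truthy. Their scheme and host are not checked (for example https-only,
    // or same origin as providerUri) before the document is persisted.
    // How the cached URLs are consumed is outside this block - confirm they
    // are validated before being used for authorization or token requests.
    // TODO self-reference in directive for providerUri?
    directives.provider_uri = providerUri;
    localStorage.setItem('oauth3.' + providerUri + '.directives', JSON.stringify(directives));
    localStorage.setItem('oauth3.' + providerUri + '.directives.updated_at', new Date().toISOString());

    return OAUTH3.PromiseA.resolve(directives);
  } else {
    // Nothing is cached for a provider whose directives fail the shape check.
    console.error("the directives provided by '" + providerUri + "' were invalid.");
    params.error = params.error || "E_INVALID_DIRECTIVE";
    params.error_description = params.error_description
      || "directives did not include authorization_dialog.url";
    err = new Error(params.error_description || "Unknown error when discoving provider '" + providerUri + "'");
    err.code = params.error;
    return OAUTH3.PromiseA.reject(err);
  }
};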
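/**
 * Classifies a session's access token by its `exp` claim.
 *
 * Fixes two defects in the previous version: the comparison was inverted
 * (`fresh` was true once the token had expired), and nothing was returned
 * even though oauth3._lintRequest switches on the result.
 *
 * @param {Object} session - session whose `_accessTokenData` holds the decoded
 *   JWT payload; `exp` is read as seconds since the epoch.
 * @returns {string} 'fresh' while the current time is before `exp`, otherwise
 *   'stale'. A missing or non-numeric `exp` counts as already expired.
 */
core.tokenState = function (session) {
  // Explicit radix: `exp` may arrive as a string.
  var expiresAt = parseInt(session._accessTokenData.exp, 10) || 0;
  var fresh = (Date.now() / 1000) < expiresAt;

  if (!fresh) {
    console.log("[os] isn't fresh", session._accessTokenData.exp);
    // NOTE(review): callers also recognise 'useless', but no criterion for it
    // is visible in this file, so an expired token is reported as 'stale'.
    return 'stale';
  }

  // This is a client-side hint computed from the local clock; it is not a
  // substitute for the resource server validating the token.
  return 'fresh';
};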
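/**
 * Prepares an outgoing request: attaches the session's bearer token and, when
 * the token is no longer fresh and a refresh token is available, refreshes the
 * session first.
 *
 * @param {Object} preq - request description; reads `url`, `session` and
 *   `headers`, and may replace `session` and `headers.Authorization`.
 * @param {Object} [opts] - options forwarded to oauth3.refreshToken; receives
 *   `refreshToken` when a refresh is attempted.
 * @returns {Object} an oauth3.PromiseA that resolves with `preq`.
 */
oauth3._lintRequest = function (preq, opts) {
  var providerUri;

  // Tolerate a missing options object; it is written to below.
  opts = opts || {};

  // Log only the option names: the same object later carries the refresh
  // token, and consoles can keep a live reference to a logged object.
  console.log('[os] request meta opts', Object.keys(opts));

  // check that the JWT is not expired
  // TODO check that this request applies to the aud and azp
  if (!(preq.session && preq.session.accessToken)) {
    console.log('[os] no session/accessTokenData');
    return oauth3.PromiseA.resolve(preq);
  }

  // NOTE(review): the bearer token is attached before the audience check
  // below, so a request whose URL does not match `aud` still carries it.
  // Confirm that is intended; otherwise attach the header only after the
  // audience check passes.
  preq.headers = preq.headers || {};
  preq.headers.Authorization = 'Bearer ' + preq.session.accessToken;

  if (!preq.session._accessTokenData) {
    console.log('[os] no _accessTokenData');
    // The payload is taken from the token as-is for expiry/audience
    // bookkeeping; no signature verification is visible at this call site.
    preq.session._accessTokenData = core.jwt.decode(preq.session.accessToken).payload;
  }

  // NOTE(review): String.prototype.match treats `aud` as a regular expression
  // and accepts a match anywhere in the URL, and a missing `aud` matches every
  // URL. This is not an origin comparison - consider parsing the URL and
  // comparing its origin once the format of `aud` is confirmed.
  if (!preq.url.match(preq.session._accessTokenData.aud)) {
    console.log("[os] doesn't match audience", preq.session._accessTokenData.aud);
    return oauth3.PromiseA.resolve(preq);
  }

  // Was `core.tokenState(session)`: `session` is not declared in this function.
  switch (core.tokenState(preq.session)) {
    case 'fresh':
      return oauth3.PromiseA.resolve(preq);
    case 'stale':
    case 'useless':
      break;
  }

  if (!preq.session.refreshToken) {
    // The session object holds the access token, so it is no longer logged.
    console.log("[os] can't refresh");
    return oauth3.PromiseA.resolve(preq);
  }

  opts.refreshToken = preq.session.refreshToken;
  console.log('[oauth3.js] refreshToken attempt');

  // TODO include directive?
  providerUri = preq.session.providerUri || preq.session._accessTokenData.iss;

  return oauth3.refreshToken(providerUri, opts).then(function (res) {
    var refreshed = !!(res && res.data && res.data.accessToken);

    // Log the outcome only; the response body contains the new tokens.
    console.log('[oauth3.js] refreshToken result:', refreshed);

    if (!refreshed) {
      // Keep the existing session and header when no new token was issued.
      return preq;
    }

    // TODO fire session update event
    res.data.providerUri = preq.session.providerUri;
    preq.session = res.data;
    preq.headers.Authorization = 'Bearer ' + preq.session.accessToken;
    return preq;
  });
};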