made verifyAsync available to check other tokens (like refresh tokens)

tigerbot 2017-07-24 16:19:51 -06:00
parent 5053963874
commit 4345725c83
1 changed files with 15 additions and 6 deletions


@ -50,6 +50,15 @@ function extractAccessToken(req) {
function verifyToken(token) { function verifyToken(token) {
var jwt = require('jsonwebtoken'); var jwt = require('jsonwebtoken');
var decoded; var decoded;
if (!token) {
return PromiseA.reject({
message: 'no token provided'
, code: 'E_NO_TOKEN'
, url: 'https://oauth3.org/docs/errors#E_NO_TOKEN'
});
}
try { try {
decoded = jwt.decode(token, {complete: true}); decoded = jwt.decode(token, {complete: true});
} catch (e) {} } catch (e) {}
@ -160,6 +169,10 @@ function attachOauth3(req, res, next) {
req.oauth3 = {}; req.oauth3 = {};
extractAccessToken(req).then(function (token) { extractAccessToken(req).then(function (token) {
req.oauth3.verifyAsync = function (jwt) {
return verifyToken(jwt || token);
};
if (!token) { if (!token) {
return null; return null;
} }
@ -181,14 +194,10 @@ function attachOauth3(req, res, next) {
req.oauth3.token = decoded; req.oauth3.token = decoded;
req.oauth3.ppid = ppid; req.oauth3.ppid = ppid;
req.oauth3.verifyAsync = function () { req.oauth3.rescope = function (sub) {
return verifyToken(token);
};
req.oauth3.rescope = function () {
// TODO: this function is supposed to convert PPIDs of different parties to some account // TODO: this function is supposed to convert PPIDs of different parties to some account
// ID that allows application to keep track of permisions and what-not. // ID that allows application to keep track of permisions and what-not.
return PromiseA.resolve(ppid); return PromiseA.resolve(sub || ppid);
}; };
}).then(function () { }).then(function () {
next(); next();
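Review bot: `req.oauth3.verifyAsync` in the second hunk now passes any caller-supplied token to `verifyToken`, the same path used for the request's access token, and nothing in the visible lines lets a caller state which kind of token it expects. If `verifyToken` (whose body continues outside the hunk) checks only signature and expiry, a refresh token and an access token would be interchangeable here, so I would add a comment above the assignment such as `// verifies the given token, or the request's access token when none is passed; callers must check the token type themselves`. Naming the parameter `jwt` also reads oddly next to `var jwt = require('jsonwebtoken')` in `verifyToken`; `otherToken` would be clearer. In the third hunk `rescope(sub)` resolves with the caller's `sub` unchanged, so its result is only as trustworthy as the argument, which deserves a line in the existing TODO.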