Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 9 additions & 7 deletions lib/exchange/authorizationCode.js
Original file line number Diff line number Diff line change
Expand Up @@ -61,22 +61,22 @@ module.exports = function(options, issue) {
options = undefined;
}
options = options || {};

if (!issue) { throw new TypeError('oauth2orize.authorizationCode exchange requires an issue callback'); }

var userProperty = options.userProperty || 'user';

return function authorization_code(req, res, next) {
if (!req.body) { return next(new Error('OAuth2orize requires body parsing. Did you forget app.use(express.bodyParser())?')); }

// The 'user' property of `req` holds the authenticated user. In the case
// of the token endpoint, the property will contain the OAuth 2.0 client.
var client = req[userProperty]
, code = req.body.code
, redirectURI = req.body.redirect_uri;

if (!code) { return next(new TokenError('Missing required parameter: code', 'invalid_request')); }

function issued(err, accessToken, refreshToken, params) {
if (err) { return next(err); }
if (!accessToken) { return next(new TokenError('Invalid authorization code', 'invalid_grant')); }
Expand All @@ -97,10 +97,12 @@ module.exports = function(options, issue) {
res.setHeader('Pragma', 'no-cache');
res.end(json);
}

try {
var arity = issue.length;
if (arity == 5) {
if (arity == 6) {
issue(client, code, redirectURI, req.body, req.headers, issued);
} else if (arity == 5) {
issue(client, code, redirectURI, req.body, issued);
} else { // arity == 4
issue(client, code, redirectURI, issued);
Expand Down
16 changes: 9 additions & 7 deletions lib/exchange/clientCredentials.js
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ module.exports = function(options, issue) {
options = undefined;
}
options = options || {};

if (!issue) { throw new TypeError('oauth2orize.clientCredentials exchange requires an issue callback'); }

var userProperty = options.userProperty || 'user';
Expand All @@ -77,12 +77,12 @@ module.exports = function(options, issue) {

return function client_credentials(req, res, next) {
if (!req.body) { return next(new Error('OAuth2orize requires body parsing. Did you forget app.use(express.bodyParser())?')); }

// The 'user' property of `req` holds the authenticated user. In the case
// of the token endpoint, the property will contain the OAuth 2.0 client.
var client = req[userProperty]
, scope = req.body.scope;

if (scope) {
for (var i = 0, len = separators.length; i < len; i++) {
var separated = scope.split(separators[i]);
Expand All @@ -95,7 +95,7 @@ module.exports = function(options, issue) {
}
if (!Array.isArray(scope)) { scope = [ scope ]; }
}

function issued(err, accessToken, refreshToken, params) {
if (err) { return next(err); }
if (!accessToken) { return next(new TokenError('Invalid client credentials', 'invalid_grant')); }
Expand All @@ -109,17 +109,19 @@ module.exports = function(options, issue) {
if (refreshToken) { tok.refresh_token = refreshToken; }
if (params) { utils.merge(tok, params); }
tok.token_type = tok.token_type || 'Bearer';

var json = JSON.stringify(tok);
res.setHeader('Content-Type', 'application/json');
res.setHeader('Cache-Control', 'no-store');
res.setHeader('Pragma', 'no-cache');
res.end(json);
}

try {
var arity = issue.length;
if (arity == 4) {
if (arity == 5) {
issue(client, scope, req.body, req.headers, issued);
} else if (arity == 4) {
issue(client, scope, req.body, issued);
} else if (arity == 3) {
issue(client, scope, issued);
Expand Down
18 changes: 10 additions & 8 deletions lib/exchange/password.js
Original file line number Diff line number Diff line change
Expand Up @@ -78,17 +78,17 @@ module.exports = function(options, issue) {

return function password(req, res, next) {
if (!req.body) { return next(new Error('OAuth2orize requires body parsing. Did you forget app.use(express.bodyParser())?')); }

// The 'user' property of `req` holds the authenticated user. In the case
// of the token endpoint, the property will contain the OAuth 2.0 client.
var client = req[userProperty]
, username = req.body.username
, passwd = req.body.password
, scope = req.body.scope;

if (!username) { return next(new TokenError('Missing required parameter: username', 'invalid_request')); }
if (!passwd) { return next(new TokenError('Missing required parameter: password', 'invalid_request')); }

if (scope) {
for (var i = 0, len = separators.length; i < len; i++) {
var separated = scope.split(separators[i]);
Expand All @@ -101,31 +101,33 @@ module.exports = function(options, issue) {
}
if (!Array.isArray(scope)) { scope = [ scope ]; }
}

function issued(err, accessToken, refreshToken, params) {
if (err) { return next(err); }
if (!accessToken) { return next(new TokenError('Invalid resource owner credentials', 'invalid_grant')); }
if (refreshToken && typeof refreshToken == 'object') {
params = refreshToken;
refreshToken = null;
}

var tok = {};
tok.access_token = accessToken;
if (refreshToken) { tok.refresh_token = refreshToken; }
if (params) { utils.merge(tok, params); }
tok.token_type = tok.token_type || 'Bearer';

var json = JSON.stringify(tok);
res.setHeader('Content-Type', 'application/json');
res.setHeader('Cache-Control', 'no-store');
res.setHeader('Pragma', 'no-cache');
res.end(json);
}

try {
var arity = issue.length;
if (arity == 6) {
if (arity == 7) {
issue(client, username, passwd, scope, req.body, req.headers, issued);
} else if (arity == 6) {
issue(client, username, passwd, scope, req.body, issued);
} else if (arity == 5) {
issue(client, username, passwd, scope, issued);
Expand Down
24 changes: 14 additions & 10 deletions lib/exchange/refreshToken.js
Original file line number Diff line number Diff line change
Expand Up @@ -58,9 +58,9 @@ module.exports = function(options, issue) {
options = undefined;
}
options = options || {};

if (!issue) { throw new TypeError('oauth2orize.refreshToken exchange requires an issue callback'); }

var userProperty = options.userProperty || 'user';

// For maximum flexibility, multiple scope spearators can optionally be
Expand All @@ -75,15 +75,15 @@ module.exports = function(options, issue) {

return function refresh_token(req, res, next) {
if (!req.body) { return next(new Error('OAuth2orize requires body parsing. Did you forget app.use(express.bodyParser())?')); }

// The 'user' property of `req` holds the authenticated user. In the case
// of the token endpoint, the property will contain the OAuth 2.0 client.
var client = req[userProperty]
, refreshToken = req.body.refresh_token
, scope = req.body.scope;

if (!refreshToken) { return next(new TokenError('Missing required parameter: refresh_token', 'invalid_request')); }

if (scope) {
for (var i = 0, len = separators.length; i < len; i++) {
var separated = scope.split(separators[i]);
Expand All @@ -96,31 +96,35 @@ module.exports = function(options, issue) {
}
if (!Array.isArray(scope)) { scope = [ scope ]; }
}

function issued(err, accessToken, refreshToken, params) {
if (err) { return next(err); }
if (!accessToken) { return next(new TokenError('Invalid refresh token', 'invalid_grant')); }
if (refreshToken && typeof refreshToken == 'object') {
params = refreshToken;
refreshToken = null;
}

var tok = {};
tok.access_token = accessToken;
if (refreshToken) { tok.refresh_token = refreshToken; }
if (params) { utils.merge(tok, params); }
tok.token_type = tok.token_type || 'Bearer';

var json = JSON.stringify(tok);
res.setHeader('Content-Type', 'application/json');
res.setHeader('Cache-Control', 'no-store');
res.setHeader('Pragma', 'no-cache');
res.end(json);
}

try {
var arity = issue.length;
if (arity == 4) {
if (arity == 6) {
issue(client, refreshToken, scope, req.body, req.headers, issued);
} else if (arity == 5) {
issue(client, refreshToken, scope, req.body, issued);
} else if (arity == 4) {
issue(client, refreshToken, scope, issued);
} else { // arity == 3
issue(client, refreshToken, issued);
Expand Down
Loading