2016-07-01 09:03:53 -05:00
|
|
|
const mongoose = require('mongoose')
|
|
|
|
|
|
|
|
const logger = require('../helpers/logger')
|
|
|
|
|
|
|
|
const OAuthClient = mongoose.model('OAuthClient')
|
|
|
|
const OAuthToken = mongoose.model('OAuthToken')
|
|
|
|
const User = mongoose.model('User')
|
|
|
|
|
|
|
|
// See https://github.com/oauthjs/node-oauth2-server/wiki/Model-specification for the model specifications
|
|
|
|
const OAuthModel = {
|
|
|
|
getAccessToken: getAccessToken,
|
|
|
|
getClient: getClient,
|
|
|
|
getRefreshToken: getRefreshToken,
|
|
|
|
getUser: getUser,
|
2016-07-20 09:23:58 -05:00
|
|
|
revokeToken: revokeToken,
|
2016-07-01 09:03:53 -05:00
|
|
|
saveToken: saveToken
|
|
|
|
}
|
|
|
|
|
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
|
|
|
|
function getAccessToken (bearerToken) {
|
|
|
|
logger.debug('Getting access token (bearerToken: ' + bearerToken + ').')
|
|
|
|
|
2016-07-20 09:23:58 -05:00
|
|
|
return OAuthToken.getByTokenAndPopulateUser(bearerToken)
|
2016-07-01 09:03:53 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
function getClient (clientId, clientSecret) {
|
|
|
|
logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')
|
|
|
|
|
|
|
|
// TODO req validator
|
|
|
|
const mongoId = new mongoose.mongo.ObjectID(clientId)
|
2016-07-20 09:23:58 -05:00
|
|
|
return OAuthClient.getByIdAndSecret(mongoId, clientSecret)
|
2016-07-01 09:03:53 -05:00
|
|
|
}
|
|
|
|
|
2016-07-20 09:23:58 -05:00
|
|
|
function getRefreshToken (refreshToken, callback) {
|
2016-07-01 09:03:53 -05:00
|
|
|
logger.debug('Getting RefreshToken (refreshToken: ' + refreshToken + ').')
|
|
|
|
|
2016-07-20 09:23:58 -05:00
|
|
|
return OAuthToken.getByRefreshTokenAndPopulateClient(refreshToken)
|
2016-07-01 09:03:53 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
function getUser (username, password) {
|
|
|
|
logger.debug('Getting User (username: ' + username + ', password: ' + password + ').')
|
|
|
|
|
2016-08-25 10:57:37 -05:00
|
|
|
return User.getByUsername(username).then(function (user) {
|
|
|
|
if (!user) return null
|
|
|
|
|
|
|
|
// We need to return a promise
|
|
|
|
return new Promise(function (resolve, reject) {
|
|
|
|
return user.isPasswordMatch(password, function (err, isPasswordMatch) {
|
|
|
|
if (err) return reject(err)
|
|
|
|
|
|
|
|
if (isPasswordMatch === true) {
|
|
|
|
return resolve(user)
|
|
|
|
}
|
|
|
|
|
|
|
|
return resolve(null)
|
|
|
|
})
|
|
|
|
})
|
|
|
|
})
|
2016-07-20 09:23:58 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
function revokeToken (token) {
|
|
|
|
return OAuthToken.getByRefreshToken(token.refreshToken).then(function (tokenDB) {
|
|
|
|
if (tokenDB) tokenDB.remove()
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Thanks to https://github.com/manjeshpv/node-oauth2-server-implementation/blob/master/components/oauth/mongo-models.js
|
|
|
|
* "As per the discussion we need set older date
|
|
|
|
* revokeToken will expected return a boolean in future version
|
|
|
|
* https://github.com/oauthjs/node-oauth2-server/pull/274
|
|
|
|
* https://github.com/oauthjs/node-oauth2-server/issues/290"
|
|
|
|
*/
|
|
|
|
const expiredToken = tokenDB
|
|
|
|
expiredToken.refreshTokenExpiresAt = new Date('2015-05-28T06:59:53.000Z')
|
|
|
|
return expiredToken
|
|
|
|
})
|
2016-07-01 09:03:53 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
function saveToken (token, client, user) {
|
2016-07-27 14:15:07 -05:00
|
|
|
logger.debug('Saving token ' + token.accessToken + ' for client ' + client.id + ' and user ' + user.id + '.')
|
2016-07-01 09:03:53 -05:00
|
|
|
|
|
|
|
const tokenObj = new OAuthToken({
|
|
|
|
accessToken: token.accessToken,
|
2016-07-20 09:23:58 -05:00
|
|
|
accessTokenExpiresAt: token.accessTokenExpiresAt,
|
2016-07-01 09:03:53 -05:00
|
|
|
client: client.id,
|
|
|
|
refreshToken: token.refreshToken,
|
2016-07-20 09:23:58 -05:00
|
|
|
refreshTokenExpiresAt: token.refreshTokenExpiresAt,
|
2016-07-01 09:03:53 -05:00
|
|
|
user: user.id
|
|
|
|
})
|
|
|
|
|
2016-07-27 14:15:07 -05:00
|
|
|
return tokenObj.save().then(function (tokenCreated) {
|
2016-07-01 09:03:53 -05:00
|
|
|
tokenCreated.client = client
|
|
|
|
tokenCreated.user = user
|
|
|
|
return tokenCreated
|
2016-07-27 14:15:07 -05:00
|
|
|
}).catch(function (err) {
|
|
|
|
throw err
|
2016-07-01 09:03:53 -05:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
// ---------------------------------------------------------------------------
|
|
|
|
|
|
|
|
module.exports = OAuthModel
|