From c0fab2b7f06a2fd326306a503ab9411448006075 Mon Sep 17 00:00:00 2001 From: Ralf Becker Date: Fri, 12 Apr 2019 14:30:24 +0200 Subject: [PATCH] Fix #13693 Custom Oauth does not register the refreshToken nor respect the accessToken lifetime --- .../server/custom_oauth_server.js | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/app/custom-oauth/server/custom_oauth_server.js b/app/custom-oauth/server/custom_oauth_server.js index b4bb41a210ba3..7467031f9ce87 100644 --- a/app/custom-oauth/server/custom_oauth_server.js +++ b/app/custom-oauth/server/custom_oauth_server.js @@ -130,7 +130,7 @@ export class CustomOAuth { if (data.error) { // if the http response was a json object with an error attribute throw new Error(`Failed to complete OAuth handshake with ${ this.name } at ${ this.tokenPath }. ${ data.error }`); } else { - return data.access_token; + return data; } } @@ -172,10 +172,10 @@ export class CustomOAuth { registerService() { const self = this; OAuth.registerService(this.name, 2, null, (query) => { - const accessToken = self.getAccessToken(query); - // console.log 'at:', accessToken + const response = self.getAccessToken(query); + // console.log('app/custom-oauth/server/custom_oauth_server.js: self.getAccessToken()=', response); - let identity = self.getIdentity(accessToken); + let identity = self.getIdentity(response.access_token); if (identity) { // Set 'id' to '_id' for any sources that provide it @@ -254,9 +254,18 @@ export class CustomOAuth { const serviceData = { _OAuthCustom: true, - accessToken, + accessToken: response.access_token, + idToken: response.id_token, + expiresAt: (+new Date) + (1000 * parseInt(response.expires_in, 10)), }; + // only set the token in serviceData if it's there. this ensures + // that we don't lose old ones (since we only get this on the first + // log in attempt) + if (response.refresh_token) { + serviceData.refreshToken = response.refresh_token; + } + _.extend(serviceData, identity); const data = {