checkAuth bug fix, user access token refresh fix

- Updated checkAuth to return when no storage is found - Configured to use google-auth-lib for updating access token from refresh token
SteinHQ · Jun 13, 2019 · 5c0f919 · 5c0f919
1 parent 9e0b390
commit 5c0f919
Show file tree

Hide file tree

Showing 6 changed files with 166 additions and 198 deletions.
diff --git a/.idea/workspace.xml b/.idea/workspace.xml
diff --git a/controllers/checkAuth.js b/controllers/checkAuth.js
@@ -8,7 +8,7 @@ module.exports = (req, res, next) => {
     .then(result => {
       // If sheet doesn't exist, send 404
       if (!result) {
-        next(apiNotFoundError);
+        return next(apiNotFoundError);
       }
 
       // First check if Basic HTTP Auth is enabled on sheet

diff --git a/helpers/authentication/passportInit.js b/helpers/authentication/passportInit.js
@@ -1,6 +1,5 @@
 const GoogleStrategy = require("passport-google-oauth").OAuth2Strategy,
   authConfig = require("./configuration"),
-  refresh = require("passport-oauth2-refresh"),
   User = require("../../models/user");
 
 module.exports = passport => {
@@ -22,14 +21,12 @@ module.exports = passport => {
     },
     (accessToken, refreshToken, params, profile, done) => {
       User.findOrCreate(accessToken, refreshToken, params, profile).then(
-        ({error, user}) => {
+        ({ error, user }) => {
           return done(error, user);
         }
       );
     }
   );
 
   passport.use(Strategy);
-
-  refresh.use(Strategy);
 };
diff --git a/models/user.js b/models/user.js
@@ -1,5 +1,6 @@
 const mongoose = require("mongoose"),
-  refresh = require("passport-oauth2-refresh");
+  googleAuthLib = require("google-auth-library"),
+  googleOAuthConfig = require("../helpers/authentication/configuration").google;
 
 const schema = mongoose.Schema({
   name: String,
@@ -33,43 +34,45 @@ schema.statics.findOrCreate = function(
         userObj.accessToken = accessToken;
         userObj.save((error, user) => resolve({ error, user }));
       } else {
-        this.refreshAccessCode(result.googleId).then(result =>
-          resolve({ error: null, user: result })
-        );
+        result.refreshToken = refreshToken;
+        result
+          .save()
+          .then(() => this.refreshAccessCode(result.googleId))
+          .then(result => resolve({ error: null, user: result }));
       }
     });
   });
 };
 
 schema.statics.refreshAccessCode = function(googleId) {
-  return new Promise(resolve => {
+  return new Promise((resolve, reject) => {
     this.findOne({ googleId }, (err, result) => {
       const now = new Date();
-      if (now.getTime() > result.expiresAt) {
-        refresh.requestNewAccessToken(
-          "google",
-          result.refreshToken,
-          (err, accessToken) => {
-            if (err) {
-              return err;
-            } else {
-              const newData = result;
-              newData.expiresAt = now.setTime(now.getTime() + 1000 * 3599);
-              newData.accessToken = accessToken;
-              this.findOneAndUpdate(
-                { googleId },
-                { $set: newData },
-                { new: true },
-                (err, doc) => {
-                  if (err) {
-                    return err;
-                  }
-                  resolve(doc);
-                }
-              );
-            }
-          }
+      if (now.getTime() < result.expiresAt) {
+        const oauth2Client = new googleAuthLib.OAuth2Client(
+          googleOAuthConfig.clientID,
+          googleOAuthConfig.clientSecret,
+          googleOAuthConfig.callbackURL
         );
+
+        oauth2Client.setCredentials({
+          refresh_token: result.refreshToken
+        });
+
+        oauth2Client.getAccessToken().then(response => {
+          this.findOneAndUpdate(
+            { googleId },
+            {
+              $set: {
+                accessToken: response.token,
+                expiresAt: now.setTime(now.getTime() + 1000 * 3590) // A bit less than 1 hour
+              }
+            },
+            { new: true }
+          )
+            .then(doc => resolve(doc))
+            .catch(err => reject(err));
+        });
       } else {
         resolve(result);
       }

diff --git a/package.json b/package.json
@@ -43,7 +43,6 @@
     "ow": "^0.12.0",
     "passport": "^0.4.0",
     "passport-google-oauth": "^1.0.0",
-    "passport-oauth2-refresh": "^1.0.0",
     "pm2": "^3.5.1",
     "request": "^2.88.0"
   },

diff --git a/yarn.lock b/yarn.lock
@@ -2645,11 +2645,6 @@ passport-oauth1@1.x.x:
     passport-strategy "1.x.x"
     utils-merge "1.x.x"
 
-passport-oauth2-refresh@^1.0.0:
-  version "1.1.0"
-  resolved "https://registry.yarnpkg.com/passport-oauth2-refresh/-/passport-oauth2-refresh-1.1.0.tgz#4e77702bd64f1ec39ddc4142edec85a4f5086f43"
-  integrity sha512-UsmDntTlEKj8GAME/u6hvgTgq/WC/1lh9wGKs7QEf5/e+pBo9dnphJ1qLfmwFck21lz3wHHHiPFJrihLkFSaXg==
-
 passport-oauth2@1.x.x:
   version "1.4.0"
   resolved "https://registry.yarnpkg.com/passport-oauth2/-/passport-oauth2-1.4.0.tgz#f62f81583cbe12609be7ce6f160b9395a27b86ad"