This became a bit bigger than expected, but: * Refactors the OAuth2 service to have more consistent function signatures. * Adds token statistics to the oauth2 homepage. * Stores the 'grant_type' and whether a 'secret' was used in the tokens table. * We're now storing 'scope' for every token. This OAuth2 feature wasn't really used by this server, but this sets up the first steps for this. * Fixes a bug related to generating principal uris in the introspection endpoints. * Has more explicit support for the 2 a12nserver-specific oauth2 flows: "developer tokens" and "one-time-tokens". Other side-effects of this PR: * A few steps further in #405 * Some progress towards OpenID Connect support (scopes are important for this).
Showing
18 changed files
with
462 additions
and
231 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,14 @@ | ||
import { ServerStats } from '../types'; | ||
import { getPrincipalStats } from '../principal/service'; | ||
import { findPrivileges } from '../privilege/service'; | ||
import { lastTokenId } from '../oauth2/service'; | ||
|
||
export async function getServerStats(): Promise<ServerStats> { | ||
|
||
return { | ||
...await getPrincipalStats(), | ||
privileges: (await findPrivileges()).length | ||
privileges: (await findPrivileges()).length, | ||
tokensIssued: (await lastTokenId()), | ||
}; | ||
|
||
} |
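Review bot: `tokensIssued` in the returned object is filled from `lastTokenId()`, which by its name is the highest token row id rather than a count, so the figure is only accurate while ids are gap-free and never reset; the implementation is in the oauth2 service, outside this section, so that is inferred from the name. I would say so at the call site, e.g. `// Approximation: highest oauth2_tokens id, not a row count`. The commit description says these statistics are shown on the oauth2 homepage, so it is also worth confirming that page is only served to authenticated principals, since the value exposes the token id sequence and issuance volume.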
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,23 @@ | ||
import { Knex } from 'knex'; | ||
|
||
export async function up(knex: Knex): Promise<void> { | ||
await knex.schema.alterTable('oauth2_tokens', table => { | ||
table | ||
.renameColumn('created', 'created_at'); | ||
table | ||
.tinyint('grant_type') | ||
.unsigned() | ||
.nullable() | ||
.comment('1=implicit, 2=client_credentials, 3=password, 4=authorization_code, 5=authorization_code with secret,6=one-time-token'); | ||
table | ||
.string('scope', 1024) | ||
.nullable() | ||
.comment('OAuth2 scopes, space separated'); | ||
}); | ||
} | ||
|
||
export async function down(knex: Knex): Promise<void> { | ||
|
||
throw new Error('This migration cannot be undone'); | ||
|
||
} |
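Review bot: Both new columns in `up` are `.nullable()` with no backfill, so every token issued before this migration will read back with `scope` and `grant_type` as NULL. The code that consumes them (introspection and validation, not visible in this section) should treat a NULL scope as "no scopes recorded" and never as unrestricted; I would record that in the column comment, e.g. `.comment('OAuth2 scopes, space separated; NULL = issued before scopes were stored')`. Separately, `string('scope', 1024)` caps the stored value, and depending on the database's SQL mode a longer scope string is either rejected or silently truncated, which could cut a scope name short. The service should check the length before inserting rather than rely on the column limit.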