forked from Kong/guardian
-
Notifications
You must be signed in to change notification settings - Fork 0
/
oauth_2_3-legged.js
83 lines (67 loc) · 1.99 KB
/
oauth_2_3-legged.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
var helper = require('./lib/helper');
module.exports = {
"category": "oauth",
"type": "2.0-three-legged",
"steps": 2,
"step": {
1: {
invoke: function (options, server) {
var oauth = helper.getOAuth2(options);
var settings = {
redirect_uri: options.callbackUrl,
response_type: 'code'
};
if (options.scope)
settings.scope = options.scope;
if (options.state)
settings.state = options.state;
settings.type = options.type;
server.res.redirect(oauth.getAuthorizeUrl(settings));
}
},
2: {
invoke: function (options, server) {
var oauth = helper.getOAuth2(options);
oauth.getOAuthAccessToken(options.code, {
redirect_uri: options.callbackUrl,
grant_type: "authorization_code",
type: options.type
}, options.next);
},
next: function (server, response, next) {
if (response.error) {
return helper.handleCallback(server.req.session.data, server, {
status: 500,
data: {
message: 'Could not authenticate with given credentials for request token.',
data: response.error.data
}
});
}
next({
access_token: response.token,
refresh_token: response.secret,
expires_in: response.results.expires_in,
token_type: response.results.token_type
});
}
},
callback: {
next: function (server, response, next) {
// Place the code onto the options object under invoke methods
server.req.session.data.code = response.code;
// Go to the next step
next();
}
}
},
"validate": function (opts) {
if (!opts.clientId)
return "Client ID is required.";
if (!opts.clientSecret)
return "Client Secret is required.";
if (!opts.authorizeUrl)
return "Authorization url is required.";
return undefined;
}
};