Skip to content
This repository has been archived by the owner. It is now read-only.

/ fxa-oauth-server Archived

Permalink
Browse files
feat(clients): add terms_uri and privacy_uri properties to clients.
  • Loading branch information
@rfk
rfk committed Apr 30, 2015
1 parent c58d237 commit 51ae9043a8e2db4433177c956c7ad6d3ed0ba997
9 lib/db/index.js
View file
@@ -39,6 +39,9 @@ function convertClientToConfigFormat(client) {
out.hashedSecret = unbuf(client.secret);
} else if (key === 'trusted' || key === 'canGrant') {
out[key] = !!client[key]; // db stores booleans as 0 or 1.
} else if (key === 'termsUri' || key === 'privacyUri') {
// these are optional in the config
if (client[key]) { out[key] = client[key]; }
} else if (typeof client[key] !== 'function') {
out[key] = unbuf(client[key]);
}
@@ -62,9 +65,9 @@ function preClients() {
}

// ensure the required keys are present.
var CLIENTS_KEYS = [ 'id', 'hashedSecret', 'name', 'imageUri',
'redirectUri', 'trusted', 'canGrant' ];
CLIENTS_KEYS.forEach(function(key) {
var REQUIRED_CLIENTS_KEYS = [ 'id', 'hashedSecret', 'name', 'imageUri',
'redirectUri', 'trusted', 'canGrant' ];
REQUIRED_CLIENTS_KEYS.forEach(function(key) {
if (!(key in c)) {
var data = { key: key, name: c.name || 'unknown' };
logger.error('client.missing.keys', data);
8 lib/db/memory.js
View file
@@ -20,6 +20,8 @@ const unique = require('../unique');
* name: <string>,
* imageUri: <string>,
* redirectUri: <string>,
* termsUri: <string>,
* privacyUri: <string>,
* trusted: <boolean>,
* createdAt: <timestamp>
* }
@@ -106,6 +108,10 @@ MemoryStore.prototype = {
var hex = unbuf(client.id);
logger.debug('registerClient', { name: client.name, id: hex });
client.createdAt = new Date();
client.imageUri = client.imageUri || '';
client.redirectUri = client.redirectUri || '';
client.termsUri = client.termsUri || '';
client.privacyUri = client.privacyUri || '';
client.canGrant = !!client.canGrant;
client.trusted = !!client.trusted;
this.clients[hex] = client;
@@ -161,6 +167,8 @@ MemoryStore.prototype = {
name: client.name,
imageUri: client.imageUri,
redirectUri: client.redirectUri,
termsUri: client.termsUri,
privacyUri: client.privacyUri,
canGrant: client.canGrant,
trusted: client.trusted
};
17 lib/db/mysql/index.js
View file
@@ -108,8 +108,9 @@ MysqlStore.connect = function mysqlConnect(options) {

const QUERY_CLIENT_REGISTER =
'INSERT INTO clients ' +
'(id, name, imageUri, secret, redirectUri, whitelisted, trusted, canGrant) ' +
'VALUES (?, ?, ?, ?, ?, ?, ?, ?);';
'(id, name, imageUri, secret, redirectUri, termsUri, privacyUri, ' +
' whitelisted, trusted, canGrant) ' +
'VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?);';
const QUERY_CLIENT_DEVELOPER_INSERT =
'INSERT INTO clientDevelopers ' +
'(rowId, developerId, clientId) ' +
@@ -129,14 +130,16 @@ const QUERY_DEVELOPER_INSERT =
'(developerId, email) ' +
'VALUES (?, ?);';
const QUERY_CLIENT_GET = 'SELECT * FROM clients WHERE id=?';
const QUERY_CLIENT_LIST = 'SELECT id, name, redirectUri, imageUri, canGrant, ' +
'whitelisted, trusted FROM clients, clientDevelopers, developers ' +
const QUERY_CLIENT_LIST = 'SELECT id, name, redirectUri, imageUri, ' +
'termsUri, privacyUri, canGrant, whitelisted, trusted ' +
'FROM clients, clientDevelopers, developers ' +
'WHERE clients.id = clientDevelopers.clientId AND ' +
'developers.developerId = clientDevelopers.developerId AND ' +
'developers.email =?;';
const QUERY_CLIENT_UPDATE = 'UPDATE clients SET ' +
'name=COALESCE(?, name), imageUri=COALESCE(?, imageUri), ' +
'secret=COALESCE(?, secret), redirectUri=COALESCE(?, redirectUri), ' +
'termsUri=COALESCE(?, termsUri), privacyUri=COALESCE(?, privacyUri), ' +
'whitelisted=COALESCE(?, whitelisted), trusted=COALESCE(?, trusted), ' +
'canGrant=COALESCE(?, canGrant) ' +
'WHERE id=?';
@@ -196,9 +199,11 @@ MysqlStore.prototype = {
return this._write(QUERY_CLIENT_REGISTER, [
id,
client.name,
client.imageUri,
client.imageUri || '',
buf(client.hashedSecret),
client.redirectUri,
client.termsUri || '',
client.privacyUri || '',
!!client.trusted, // XXX TODO: we have duplicate columns while we're
!!client.trusted, // in the process of renaming whitelisted=>trusted.
!!client.canGrant
@@ -293,6 +298,8 @@ MysqlStore.prototype = {
client.imageUri,
secret,
client.redirectUri,
client.termsUri,
client.privacyUri,
client.trusted, // XXX TODO: we have duplicate columns while we're
client.trusted, // in the process of renaming whitelisted => trusted.
client.canGrant,
5 lib/db/mysql/patches/patch-004-005.sql
View file
@@ -5,4 +5,9 @@
ALTER TABLE clients ADD COLUMN trusted BOOLEAN DEFAULT FALSE;
UPDATE clients SET trusted=whitelisted;

-- Adds new "termsUri" and "privacyUri" columns for third-party clients.

ALTER TABLE clients ADD COLUMN termsUri VARCHAR(256) NOT NULL AFTER redirectUri;
ALTER TABLE clients ADD COLUMN privacyUri VARCHAR(256) NOT NULL AFTER termsUri;

UPDATE dbMetadata SET value = '5' WHERE name = 'schema-patch-level';
5 lib/db/mysql/patches/patch-005-004.sql
View file
@@ -1,5 +1,8 @@
-- Remove "trusted" column, ensuring to sync with old "whitelist" column
-- Remove "termsUri" and "privacyUri" columns".
-- Remove "trusted" column, ensuring to sync with old "whitelist" column.

-- ALTER TABLE clients DROP COLUMN privacyUri;
-- ALTER TABLE clients DROP COLUMN termsUri;
-- UPDATE clients SET whitelisted=trusted;
-- ALTER TABLE clients DROP COLUMN trusted;

2 lib/db/mysql/schema.sql
View file
@@ -13,6 +13,8 @@ CREATE TABLE IF NOT EXISTS clients (
name VARCHAR(256) NOT NULL,
imageUri VARCHAR(256) NOT NULL,
redirectUri VARCHAR(256) NOT NULL,
termsUri VARCHAR(256) NOT NULL,
privacyUri VARCHAR(256) NOT NULL,
whitelisted BOOLEAN DEFAULT FALSE,
canGrant BOOLEAN DEFAULT FALSE,
createdAt TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP,
8 lib/routes/client/get.js
View file
@@ -23,7 +23,9 @@ module.exports = {
name: Joi.string().required(),
trusted: Joi.boolean().required(),
image_uri: Joi.any(),
redirect_uri: Joi.string().required().allow('')
redirect_uri: Joi.string().required().allow(''),
terms_uri: Joi.string().required().allow(''),
privacy_uri: Joi.string().required().allow('')
}
},
handler: function requestInfoEndpoint(req, reply) {
@@ -40,7 +42,9 @@ module.exports = {
name: client.name,
trusted: client.trusted,
image_uri: client.imageUri,
redirect_uri: client.redirectUri
redirect_uri: client.redirectUri,
terms_uri: client.termsUri,
privacy_uri: client.privacyUri
});
}, reply);
}
4 lib/routes/client/list.js
View file
@@ -17,6 +17,8 @@ function serialize(client) {
name: client.name,
image_uri: client.imageUri,
redirect_uri: client.redirectUri,
terms_uri: client.termsUri,
privacy_uri: client.privacyUri,
can_grant: client.canGrant,
// XXX TODO: a future PR will remove legacy "whitelisted" attr
whitelisted: client.trusted,
@@ -37,6 +39,8 @@ module.exports = {
name: Joi.string().required(),
image_uri: Joi.string().allow(''),
redirect_uri: Joi.string().allow('').required(),
terms_uri: Joi.string().allow('').required(),
privacy_uri: Joi.string().allow('').required(),
can_grant: Joi.boolean().required(),
// XXX TODO: a future PR will remove legacy "whitelisted" attr
whitelisted: Joi.boolean().required(),
8 lib/routes/client/register.js
View file
@@ -23,6 +23,8 @@ module.exports = {
name: Joi.string().max(256).required(),
image_uri: Joi.string().max(256).allow(''),
redirect_uri: Joi.string().max(256).required(),
terms_uri: Joi.string().max(256).allow(''),
privacy_uri: Joi.string().max(256).allow(''),
can_grant: Joi.boolean(),
// XXX TODO: a future PR will remove legacy "whitelisted" property
whitelisted: Joi.boolean(),
@@ -36,6 +38,8 @@ module.exports = {
name: Joi.string().required(),
image_uri: Joi.string().allow(''),
redirect_uri: Joi.string().required(),
terms_uri: Joi.string().required().allow(''),
privacy_uri: Joi.string().required().allow(''),
can_grant: Joi.boolean().required(),
// XXX TODO: a future PR will remove legacy "whitelisted" property
whitelisted: Joi.boolean().required(),
@@ -51,6 +55,8 @@ module.exports = {
name: payload.name,
redirectUri: payload.redirect_uri,
imageUri: payload.image_uri || '',
termsUri: payload.terms_uri || '',
privacyUri: payload.privacy_uri || '',
canGrant: !!payload.can_grant,
// XXX TODO: a future PR will remove legacy "whitelisted" property.
// Accept both for now for API b/w compat.
@@ -83,6 +89,8 @@ module.exports = {
name: client.name,
redirect_uri: client.redirectUri,
image_uri: client.imageUri,
terms_uri: client.termsUri,
privacy_uri: client.privacyUri,
can_grant: client.canGrant,
// XXX TODO: a future PR will remove legacy "whitelisted" property
whitelisted: client.trusted,
4 lib/routes/client/update.js
View file
@@ -24,6 +24,8 @@ module.exports = {
name: Joi.string().max(256),
image_uri: Joi.string().max(256),
redirect_uri: Joi.string().max(256),
terms_uri: Joi.string().max(256),
privacy_uri: Joi.string().max(256),
can_grant: Joi.boolean()
}
},
@@ -40,6 +42,8 @@ module.exports = {
name: payload.name,
redirectUri: payload.redirect_uri,
imageUri: payload.image_uri,
termsUri: payload.terms_uri,
privacyUri: payload.privacy_uri,
canGrant: payload.can_grant
}).done(function() {
reply({});
38 test/api.js
View file
@@ -946,7 +946,9 @@ describe('/v1', function() {
payload: {
name: clientName,
redirect_uri: clientUri,
image_uri: clientUri,
image_uri: clientUri + '/image',
terms_uri: clientUri + '/terms',
privacy_uri: clientUri + '/privacy',
can_grant: true,
trusted: true
}
@@ -958,6 +960,13 @@ describe('/v1', function() {
assert.equal(klient.id.toString('hex'), client.id);
assert.equal(klient.name, client.name);
assert.equal(klient.redirectUri, client.redirect_uri);
assert.equal(klient.imageUri, client.image_uri);
assert.equal(klient.termsUri, client.terms_uri);
assert.equal(klient.privacyUri, client.privacy_uri);
assert.equal(klient.redirectUri, clientUri);
assert.equal(klient.imageUri, clientUri + '/image');
assert.equal(klient.termsUri, clientUri + '/terms');
assert.equal(klient.privacyUri, clientUri + '/privacy');
assert.equal(klient.canGrant, true);
assert.equal(klient.trusted, true);
});
@@ -1010,6 +1019,8 @@ describe('/v1', function() {
assert.equal(klient.id.toString('hex'), client.id);
assert.equal(klient.name, client.name);
assert.equal(klient.imageUri, '');
assert.equal(klient.termsUri, '');
assert.equal(klient.privacyUri, '');
assert.equal(klient.canGrant, false);
assert.equal(klient.trusted, false);
});
@@ -1071,6 +1082,8 @@ describe('/v1', function() {
hashedSecret: encrypt.hash(unique.secret()),
redirectUri: 'https://example.domain',
imageUri: 'https://example.com/logo.png',
termsUri: 'https://example.com/legal/terms.html',
privacyUri: 'https://example.com/legal/privacy.html',
trusted: true
};

@@ -1112,8 +1125,31 @@ describe('/v1', function() {
assert.equal(klient.name, 'updated');
assert.equal(klient.redirectUri, clientUri);
assert.equal(klient.imageUri, client.imageUri);
assert.equal(klient.termsUri, client.termsUri);
assert.equal(klient.privacyUri, client.privacyUri);
assert.equal(klient.trusted, true);
assert.equal(klient.canGrant, false);
}).then(function () {
return Server.internal.api.post({
url: '/client/' + id.toString('hex'),
headers: {
authorization: 'Bearer ' + tok,
},
payload: {
terms_uri: clientUri + '/terms',
privacy_uri: clientUri + '/privacy',
}
});
}).then(function (res) {
assert.equal(res.statusCode, 200);
assert.equal(res.payload, '{}');
return db.getClient(client.id);
}).then(function (klient) {
assert.equal(klient.name, 'updated');
assert.equal(klient.redirectUri, clientUri);
assert.equal(klient.imageUri, client.imageUri);
assert.equal(klient.termsUri, clientUri + '/terms');
assert.equal(klient.privacyUri, clientUri + '/privacy');
});
});

0 comments on commit 51ae904

Please sign in to comment.