From 5f98bd18a361cb8f6239d54024fe0ccf76503f51 Mon Sep 17 00:00:00 2001
From: ancamcheachta <ancamcheachta@protonmail.com>
Date: Fri, 17 Feb 2017 23:12:55 +0000
Subject: [PATCH 1/2] Updated getters to use lean, fixed saveToken

---
 examples/mongodb/model.js | 47 +++++++++++++++++++++++----------------
 1 file changed, 28 insertions(+), 19 deletions(-)

diff --git a/examples/mongodb/model.js b/examples/mongodb/model.js
index e49b8de..bb920dd 100755
--- a/examples/mongodb/model.js
+++ b/examples/mongodb/model.js
@@ -42,9 +42,8 @@ var OAuthUsersModel = mongoose.model('OAuthUsers');
  */
 
 module.exports.getAccessToken = function(bearerToken) {
-  console.log('in getAccessToken (bearerToken: ' + bearerToken + ')');
-
-  return OAuthTokensModel.findOne({ accessToken: bearerToken });
+  // Adding `.lean()`, as we get a mongoose wrapper object back from `findOne(...)`, and oauth2-server complains.
+  return OAuthTokensModel.findOne({ accessToken: bearerToken }).lean();
 };
 
 /**
@@ -52,9 +51,7 @@ module.exports.getAccessToken = function(bearerToken) {
  */
 
 module.exports.getClient = function(clientId, clientSecret) {
-  console.log('in getClient (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ')');
-
-  return OAuthClientsModel.findOne({ clientId: clientId, clientSecret: clientSecret });
+  return OAuthClientsModel.findOne({ clientId: clientId, clientSecret: clientSecret }).lean();
 };
 
 /**
@@ -62,19 +59,15 @@ module.exports.getClient = function(clientId, clientSecret) {
  */
 
 module.exports.getRefreshToken = function(refreshToken) {
-  console.log('in getRefreshToken (refreshToken: ' + refreshToken + ')');
-
-  return OAuthTokensModel.findOne({ refreshToken: refreshToken });
+  return OAuthTokensModel.findOne({ refreshToken: refreshToken }).lean();
 };
 
-/*
+/**
  * Get user.
  */
 
 module.exports.getUser = function(username, password) {
-  console.log('in getUser (username: ' + username + ', password: ' + password + ')');
-
-  return OAuthUsersModel.findOne({ username: username, password: password });
+  return OAuthUsersModel.findOne({ username: username, password: password }).lean();
 };
 
 /**
@@ -82,16 +75,32 @@ module.exports.getUser = function(username, password) {
  */
 
 module.exports.saveToken = function(token, client, user) {
-  console.log('in saveToken (token: ' + token + ')');
-
   var accessToken = new OAuthTokensModel({
     accessToken: token.accessToken,
     accessTokenExpiresOn: token.accessTokenExpiresOn,
-    clientId: client.id,
+    clientId: client.clientId,
     refreshToken: token.refreshToken,
     refreshTokenExpiresOn: token.refreshTokenExpiresOn,
-    userId: user.id
+    userId: user._id
+  });
+  // Can't just chain `lean()` to `save()` as we did with `findOne()` elsewhere. Instead we use `Promise` to resolve the data.
+  return new Promise( function(resolve,reject){
+    accessToken.save(function(err,data){
+      if( err ) reject( err );
+      else resolve( data );
+    }) ;
+  }).then(function(saveResult){
+    // `saveResult` is mongoose wrapper object, not doc itself. Calling `toJSON()` returns the doc.
+    saveResult = saveResult && typeof saveResult == 'object' ? saveResult.toJSON() : saveResult;
+    
+    // Unsure what else points to `saveResult` in oauth2-server, making copy to be safe
+    var data = new Object();
+    for( var prop in saveResult ) data[prop] = saveResult[prop];
+    
+    // /oauth-server/lib/models/token-model.js complains if missing `client` and `user`. Creating missing properties.
+    data.client = data.clientId;
+    data.user = data.userId;
+
+    return data;
   });
-
-  return accessToken.save();
 };

From c1be546910b4c3ae5527ccf2b0e9c999eab7df0d Mon Sep 17 00:00:00 2001
From: ancamcheachta <ancamcheachta@protonmail.com>
Date: Sun, 19 Feb 2017 14:29:15 +0000
Subject: [PATCH 2/2] Added  and  fields to mongoose OAuthTokens model,
 saveToken

---
 examples/mongodb/model.js | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/examples/mongodb/model.js b/examples/mongodb/model.js
index bb920dd..1dc6a1f 100755
--- a/examples/mongodb/model.js
+++ b/examples/mongodb/model.js
@@ -13,10 +13,12 @@ var Schema = mongoose.Schema;
 mongoose.model('OAuthTokens', new Schema({
   accessToken: { type: String },
   accessTokenExpiresOn: { type: Date },
+  client : { type: Object },  // `client` and `user` are required in multiple places, for example `getAccessToken()`
   clientId: { type: String },
   refreshToken: { type: String },
   refreshTokenExpiresOn: { type: Date },
-  userId: { type: String }
+  user : { type: Object },
+  userId: { type: String },
 }));
 
 mongoose.model('OAuthClients', new Schema({
@@ -78,10 +80,12 @@ module.exports.saveToken = function(token, client, user) {
   var accessToken = new OAuthTokensModel({
     accessToken: token.accessToken,
     accessTokenExpiresOn: token.accessTokenExpiresOn,
+    client : client,
     clientId: client.clientId,
     refreshToken: token.refreshToken,
     refreshTokenExpiresOn: token.refreshTokenExpiresOn,
-    userId: user._id
+    user : user,
+    userId: user._id,
   });
   // Can't just chain `lean()` to `save()` as we did with `findOne()` elsewhere. Instead we use `Promise` to resolve the data.
   return new Promise( function(resolve,reject){