UNPKG

oauth20-provider

Version:

OAuth 2.0 provider toolkit for nodeJS

github.com/t1msh/node-oauth20-provider

t1msh/node-oauth20-provider

108 lines (92 loc) 3.65 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
// Run tests via "npm --type=TYPE test" (types available: memory (default), redis are available) var TYPE = process.env['npm_config_type'] || 'memory'; var query = require('querystring'), express = require('express'), cookieParser = require('cookie-parser'), session = require('express-session'), bodyParser = require('body-parser'); var config = require('./config.js'), server = express(), oauth20 = require('./oauth20.js')(TYPE), model = require('./model/' + TYPE); server.set('oauth2', oauth20); // Middleware server.use(cookieParser()); server.use(session({ secret: 'oauth20-provider-test-server', resave: false, saveUninitialized: false })); server.use(bodyParser.urlencoded({extended: false})); server.use(bodyParser.json()); server.use(oauth20.inject()); // View server.set('views', './view'); server.set('view engine', 'jade'); // Middleware. User authorization function isUserAuthorized(req, res, next) { if (req.session.authorized) next(); else { var params = req.query; params.backUrl = req.path; res.redirect('/login?' + query.stringify(params)); } } // Define OAuth2 Authorization Endpoint server.get('/authorization', isUserAuthorized, oauth20.controller.authorization, function(req, res) { res.render('authorization', { layout: false }); }); server.post('/authorization', isUserAuthorized, oauth20.controller.authorization); // Define OAuth2 Token Endpoint server.post('/token', oauth20.controller.token); // Define user login routes server.get('/login', function(req, res) { res.render('login', {layout: false}); }); server.post('/login', function(req, res, next) { var backUrl = req.query.backUrl ? req.query.backUrl : '/'; delete(req.query.backUrl); backUrl += backUrl.indexOf('?') > -1 ? '&' : '?'; backUrl += query.stringify(req.query); // Already logged in if (req.session.authorized) res.redirect(backUrl); // Trying to log in else if (req.body.username && req.body.password) { model.oauth2.user.fetchByUsername(req.body.username, function(err, user) { if (err) next(err); else { model.oauth2.user.checkPassword(user, req.body.password, function(err, valid) { if (err) next(err); else if (!valid) res.redirect(req.url); else { req.session.user = user; req.session.authorized = true; res.redirect(backUrl); } }); } }); } // Please login else res.redirect(req.url); }); // Some secure method server.get('/secure', oauth20.middleware.bearer, function(req, res) { if (!req.oauth2.accessToken) return res.status(403).send('Forbidden'); if (!req.oauth2.accessToken.userId) return res.status(403).send('Forbidden'); res.send('Hi! Dear user ' + req.oauth2.accessToken.userId + '!'); }); // Some secure client method server.get('/client', oauth20.middleware.bearer, function(req, res) { if (!req.oauth2.accessToken) return res.status(403).send('Forbidden'); res.send('Hi! Dear client ' + req.oauth2.accessToken.clientId + '!'); }); // Expose functions var start = module.exports.start = function() { server.listen(config.server.port, config.server.host, function(err) { if (err) console.error(err); else console.log('Server started at ' + config.server.host + ':' + config.server.port); }); }; module.exports = server; if (require.main == module) { start(); }