This repository has been archived by the owner on Sep 28, 2021. It is now read-only.
oauth2.js
const pool = require('./dbPool');
const security = require('./security');
const bcrypt = require('bcrypt');
const oauth2orize = require('oauth2orize');
const passport = require('passport');
const crypto = require('crypto');
const Clients = require('./models/clients');
const AppTokens = require('./models/appTokens');
const AppRefreshTokens = require('./models/appRefreshTokens');
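const server = oauth2orize.createServer();

/**
 * Password grant: exchange a username/password pair for an access token and
 * a refresh token.
 *
 * @param {object} app - the OAuth client application making the request
 *   (presumably the one authenticated by the passport step in exports.token).
 * @param {string} username - login name looked up through Clients.getByUsername.
 * @param {string} password - plaintext password supplied by the caller.
 * @param {Function} done - oauth2orize callback: done(err) on failure,
 *   done(null, false) to reject, done(null, access, refresh, params) on success.
 *
 * NOTE(review): RFC 9700 (OAuth 2.0 Security BCP) says the resource owner
 * password credentials grant must not be used; keep it only for legacy clients.
 * NOTE(review): an unknown username returns before bcrypt runs, so response
 * time differs between existing and missing accounts. No throttling is visible
 * in this file; confirm that login attempts are rate limited elsewhere.
 */
server.exchange(oauth2orize.exchange.password(function (app, username, password, done) {
  Clients.getByUsername(pool, username, function (err, clients) {
    // Check the error first: on failure `clients` may be undefined.
    if (err) return done(err);

    // Must be a local binding. The original assigned an undeclared `client`,
    // which is a single global shared by every in-flight request, so the async
    // bcrypt callback could read the row loaded for a different user.
    const client = clients && clients[0];
    if (!client) return done(null, false);

    bcrypt.hash(password, client['salt'], function (err, hash) {
      if (err) {
        // A hashing failure is treated as a failed login, not a server error.
        console.log(err);
        return done(null, false);
      }

      // Compare in constant time; timingSafeEqual needs equal-length buffers.
      const expected = Buffer.from(String(client['password']));
      const actual = Buffer.from(String(hash));
      if (expected.length !== actual.length || !crypto.timingSafeEqual(expected, actual)) {
        return done(null, false);
      }

      const tokenValue = crypto.randomBytes(32).toString('base64');
      const refreshTokenValue = crypto.randomBytes(32).toString('base64');

      // Rotation: drop the old tokens for this user/app pair, then store the new ones.
      // NOTE(review): the four steps are separate calls with no visible
      // transaction; a failure midway leaves the pair partly rotated.
      // NOTE(review): token values are handed to the models as-is; whether they
      // are hashed before storage is not visible here. Confirm in the models.
      AppTokens.removeByIds(pool, client['id'], app['id'], function (err) {
        if (err) return done(err);
        AppTokens.add(pool, client['id'], app['id'], tokenValue, function (err) {
          if (err) return done(err);
          AppRefreshTokens.remove(pool, client['id'], app['id'], function (err) {
            if (err) return done(err);
            AppRefreshTokens.add(pool, client['id'], app['id'], refreshTokenValue, function (err) {
              if (err) return done(err);
              // NOTE(review): expires_in is defined in seconds; confirm the unit of security.tokenLife.
              done(null, tokenValue, refreshTokenValue, {'expires_in': security.tokenLife});
            });
          });
        });
      });
    });
  });
}));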
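/**
 * Refresh grant: exchange a refresh token for a new access token and a new
 * refresh token.
 *
 * @param {object} app - the OAuth client application making the request
 *   (presumably the one authenticated by the passport step in exports.token).
 * @param {string} refreshToken - refresh token value presented by the caller.
 * @param {Function} done - oauth2orize callback: done(err) on failure,
 *   done(null, false) to reject, done(null, access, refresh, params) on success.
 */
server.exchange(oauth2orize.exchange.refreshToken(function (app, refreshToken, done) {
  AppRefreshTokens.getByToken(pool, refreshToken, function (err, tokens) {
    // Check the error first: on failure `tokens` may be undefined, and indexing
    // it would throw inside the callback instead of reporting the error.
    if (err) {
      return done(err);
    }
    const token = tokens && tokens[0];
    if (!token) {
      console.log("\nNO TOKEN OAUTH2\n");
      return done(null, false);
    }

    // NOTE(review): the token is looked up by value only. Nothing visible here
    // checks that it was issued to `app`, which RFC 6749 section 6 requires, so
    // an app holding another app's refresh token would receive tokens under its
    // own id. Compare the row's app column (<app id column>, not visible in this
    // file) with app['id'] and reject on mismatch.
    // NOTE(review): no expiry check on the refresh token is visible; confirm
    // that getByToken filters out expired rows.
    Clients.getById(pool, token['client_id'], function (err, rows) {
      if (err) {
        return done(err);
      }
      const client = rows && rows[0];
      if (!client) {
        return done(null, false);
      }

      const tokenValue = crypto.randomBytes(32).toString('base64');
      const refreshTokenValue = crypto.randomBytes(32).toString('base64');

      // Rotation removes rows by (user id, requesting app id). If the presented
      // token belongs to a different app it is NOT deleted and stays usable.
      // NOTE(review): the four steps are separate calls with no visible
      // transaction; a failure midway leaves the pair partly rotated.
      AppTokens.removeByIds(pool, client['id'], app['id'], function (err) {
        if (err) return done(err);
        AppTokens.add(pool, client['id'], app['id'], tokenValue, function (err) {
          if (err) return done(err);
          AppRefreshTokens.remove(pool, client['id'], app['id'], function (err) {
            if (err) return done(err);
            AppRefreshTokens.add(pool, client['id'], app['id'], refreshTokenValue, function (err) {
              if (err) return done(err);
              // NOTE(review): expires_in is defined in seconds; confirm the unit of security.tokenLife.
              done(null, tokenValue, refreshTokenValue, {'expires_in': security.tokenLife});
            });
          });
        });
      });
    });
  });
}));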
// Token endpoint middleware, in execution order:
//   1. authenticate the calling app with the 'oauth2-client-password' passport
//      strategy, without creating a session;
//   2. run the oauth2orize token handler, which dispatches to the exchanges
//      registered on `server`;
//   3. let oauth2orize format any error as a response.
// NOTE(review): the strategy is registered outside this file; confirm it
// compares the client secret safely. No rate limiting appears in this chain.
const authenticateApp = passport.authenticate(['oauth2-client-password'], {session: false});
const exchangeToken = server.token();
const formatOAuthError = server.errorHandler();

exports.token = [authenticateApp, exchangeToken, formatOAuthError];