Skip to content

Commit

Permalink
refactor: add redirect_uri, response_type and grant_type to server-si…
Browse files Browse the repository at this point in the history
…de authentication request (#166)
  • Loading branch information
jmschneider authored and pi0 committed May 7, 2018
1 parent 8e9f414 commit 0602c60
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 65 deletions.
10 changes: 9 additions & 1 deletion lib/providers/_utils.js
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,12 @@ function addAuthorize (strategy) {
}

formMiddleware(req, res, () => {
const { code } = req.body
const {
code,
redirect_uri: redirectUri = strategy.redirect_uri,
response_type: responseType = strategy.response_type,
grant_type: grantType = strategy.grant_type
} = req.body

if (!code) {
return next()
Expand All @@ -46,6 +51,9 @@ function addAuthorize (strategy) {
data: {
client_id: clientID,
client_secret: clientSecret,
grant_type: grantType,
response_type: responseType,
redirect_uri: redirectUri,
code
},
headers: {
Expand Down
66 changes: 2 additions & 64 deletions lib/providers/laravel.passport.js
Original file line number Diff line number Diff line change
@@ -1,6 +1,4 @@
const axios = require('axios')
const bodyParser = require('body-parser')
const { assignDefaults } = require('./_utils')
const { assignDefaults, addAuthorize } = require('./_utils')

module.exports = function laravelPassport (strategy) {
assignDefaults(strategy, {
Expand All @@ -15,65 +13,5 @@ module.exports = function laravelPassport (strategy) {
scope: '*'
})

// Get client_secret, client_id and token_endpoint
const clientSecret = strategy.client_secret
const clientID = strategy.client_id
const tokenEndpoint = strategy.token_endpoint

// IMPORTANT: remove client_secret from generated bundle
delete strategy.client_secret

// Endpoint
const endpoint = `/_auth/oauth/${strategy._name}/authorize`
strategy.access_token_endpoint = endpoint

// Set response_type to code
strategy.response_type = 'code'

// Form parser
const formMiddleware = bodyParser.urlencoded()

// Register endpoint
this.options.serverMiddleware.unshift({
path: endpoint,
handler: (req, res, next) => {
if (req.method !== 'POST') {
return next()
}

formMiddleware(req, res, () => {
const {
code,
redirect_uri: redirectUri = strategy.redirect_uri,
response_type: responseType = strategy.response_type,
grant_type: grantType = strategy.grant_type
} = req.body

if (!code) {
return next()
}

axios
.request({
method: 'post',
url: tokenEndpoint,
data: {
client_id: clientID,
client_secret: clientSecret,
grant_type: grantType,
response_type: responseType,
redirect_uri: redirectUri,
code
},
headers: {
Accept: 'application/json'
}
})
.then(response => {
res.end(JSON.stringify(response.data))
})
.catch(error => next(error))
})
}
})
addAuthorize.call(this, strategy)
}

0 comments on commit 0602c60

Please sign in to comment.