Diffstat (limited to '.snap-meteor-1.8/oidc_server.js')
-rw-r--r-- | .snap-meteor-1.8/oidc_server.js | 116 |
1 files changed, 51 insertions, 65 deletions
diff --git a/.snap-meteor-1.8/oidc_server.js b/.snap-meteor-1.8/oidc_server.js index 91b0e8a4..326238da 100644 --- a/.snap-meteor-1.8/oidc_server.js +++ b/.snap-meteor-1.8/oidc_server.js @@ -1,12 +1,13 @@ Oidc = {}; -OAuth.registerService('oidc', 2, null, function(query) { +OAuth.registerService('oidc', 2, null, function (query) { + var debug = process.env.DEBUG || false; var token = getToken(query); if (debug) console.log('XXX: register token:', token); var accessToken = token.access_token || token.id_token; - var expiresAt = +new Date() + 1000 * parseInt(token.expires_in, 10); + var expiresAt = (+new Date) + (1000 * parseInt(token.expires_in, 10)); var userinfo = getUserInfo(accessToken); if (debug) console.log('XXX: userinfo:', userinfo); @@ -21,14 +22,12 @@ OAuth.registerService('oidc', 2, null, function(query) { if (accessToken) { var tokenContent = getTokenContent(accessToken); - var fields = _.pick( - tokenContent, - getConfiguration().idTokenWhitelistFields, - ); + var fields = _.pick(tokenContent, getConfiguration().idTokenWhitelistFields); _.extend(serviceData, fields); } - if (token.refresh_token) serviceData.refreshToken = token.refresh_token; + if (token.refresh_token) + serviceData.refreshToken = token.refresh_token; if (debug) console.log('XXX: serviceData:', serviceData); var profile = {}; 
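Review bot: The `console.log('XXX: register token:', token)` line in the registerService callback (first hunk) writes the full token response to the server log whenever `debug` is truthy, and `process.env.DEBUG || false` is truthy for any non-empty value, including `DEBUG=false`. That response carries the access and ID tokens and, when present, the refresh token, so they become readable to anyone with log access; the same applies to the `serviceData` log in the second hunk and the `getToken response` log in getToken. Consider an explicit opt-in such as `var debug = process.env.DEBUG === 'true';` and logging only non-secret fields, e.g. `console.log('XXX: register token received, expires_in:', token.expires_in);`. The callback body continues past this hunk.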
@@ -38,101 +37,88 @@ OAuth.registerService('oidc', 2, null, function(query) { return { serviceData: serviceData, - options: { profile: profile }, + options: { profile: profile } }; }); -var userAgent = 'Meteor'; +var userAgent = "Meteor"; if (Meteor.release) { - userAgent += '/' + Meteor.release; + userAgent += "/" + Meteor.release; } -var getToken = function(query) { +var getToken = function (query) { var debug = process.env.DEBUG || false; var config = getConfiguration(); - if (config.tokenEndpoint.includes('https://')) { + if(config.tokenEndpoint.includes('https://')){ var serverTokenEndpoint = config.tokenEndpoint; - } else { + }else{ var serverTokenEndpoint = config.serverUrl + config.tokenEndpoint; } var requestPermissions = config.requestPermissions; var response; try { - response = HTTP.post(serverTokenEndpoint, { - headers: { - Accept: 'application/json', - 'User-Agent': userAgent, - }, - params: { - code: query.code, - client_id: config.clientId, - client_secret: OAuth.openSecret(config.secret), - redirect_uri: OAuth._redirectUri('oidc', config), - grant_type: 'authorization_code', - scope: requestPermissions, - state: query.state, - }, - }); - } catch (err) { - throw _.extend( - new Error( - 'Failed to get token from OIDC ' + - serverTokenEndpoint + - ': ' + - err.message, - ), - { response: err.response }, + response = HTTP.post( + serverTokenEndpoint, + { + headers: { + Accept: 'application/json', + "User-Agent": userAgent + }, + params: { + code: query.code, + client_id: config.clientId, + client_secret: OAuth.openSecret(config.secret), + redirect_uri: OAuth._redirectUri('oidc', config), + grant_type: 'authorization_code', + scope: requestPermissions, + state: query.state + } + } ); + } catch (err) { + throw _.extend(new Error("Failed to get token from OIDC " + serverTokenEndpoint + ": " + err.message), + { response: err.response }); } if (response.data.error) { // if the http response was a json object with an error attribute - throw new Error( - 
'Failed to complete handshake with OIDC ' + - serverTokenEndpoint + - ': ' + - response.data.error, - ); + throw new Error("Failed to complete handshake with OIDC " + serverTokenEndpoint + ": " + response.data.error); } else { if (debug) console.log('XXX: getToken response: ', response.data); return response.data; } }; -var getUserInfo = function(accessToken) { +var getUserInfo = function (accessToken) { var debug = process.env.DEBUG || false; var config = getConfiguration(); // Some userinfo endpoints use a different base URL than the authorization or token endpoints. // This logic allows the end user to override the setting by providing the full URL to userinfo in their config. - if (config.userinfoEndpoint.includes('https://')) { + if (config.userinfoEndpoint.includes("https://")) { var serverUserinfoEndpoint = config.userinfoEndpoint; } else { var serverUserinfoEndpoint = config.serverUrl + config.userinfoEndpoint; } var response; try { - response = HTTP.get(serverUserinfoEndpoint, { - headers: { - 'User-Agent': userAgent, - Authorization: 'Bearer ' + accessToken, - }, - }); - } catch (err) { - throw _.extend( - new Error( - 'Failed to fetch userinfo from OIDC ' + - serverUserinfoEndpoint + - ': ' + - err.message, - ), - { response: err.response }, + response = HTTP.get( + serverUserinfoEndpoint, + { + headers: { + "User-Agent": userAgent, + "Authorization": "Bearer " + accessToken + } + } ); + } catch (err) { + throw _.extend(new Error("Failed to fetch userinfo from OIDC " + serverUserinfoEndpoint + ": " + err.message), + {response: err.response}); } if (debug) console.log('XXX: getUserInfo response: ', response.data); return response.data; }; -var getConfiguration = function() { +var getConfiguration = function () { var config = ServiceConfiguration.configurations.findOne({ service: 'oidc' }); if (!config) { throw new ServiceConfiguration.ConfigError('Service oidc not configured.'); 
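Review bot: In getToken, `config.tokenEndpoint.includes('https://')` matches the string anywhere in the value rather than at its start, so a relative endpoint that merely contains `https://` (for example in a query parameter) is used as-is, while every other value is appended to `config.serverUrl` with no scheme check. This POST carries `client_secret` and the authorization code, so the resolved URL should be confirmed to be HTTPS before the request is sent; getUserInfo applies the same test before sending the bearer token. A prefix test is the minimal change: `if (config.tokenEndpoint.startsWith('https://')) {` and `if (config.userinfoEndpoint.startsWith('https://')) {`. Separately, the `if(` / `}else{` spacing introduced in getToken differs from the `if (` … `} else {` form kept in getUserInfo within the same hunk.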
@@ -140,7 +126,7 @@ var getConfiguration = function() { return config; }; -var getTokenContent = function(token) { +var getTokenContent = function (token) { var content = null; if (token) { try { @@ -151,13 +137,13 @@ var getTokenContent = function(token) { var signed = parts[0] + '.' + parts[1]; } catch (err) { this.content = { - exp: 0, + exp: 0 }; } } return content; -}; +} -Oidc.retrieveCredential = function(credentialToken, credentialSecret) { +Oidc.retrieveCredential = function (credentialToken, credentialSecret) { return OAuth.retrieveCredential(credentialToken, credentialSecret); }; |
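Review bot: The catch block in getTokenContent (last hunk) assigns `this.content = { exp: 0 }` while the function returns the local `content`, so after a decode failure the caller presumably gets `null` and the fallback object lands on whatever `this` is; the registerService callback calls the function unbound. If the fallback is meant to be returned, the line should read `content = { exp: 0 };`. This hunk also drops the `;` after the function expression (`};` → `}`), which relies on automatic semicolon insertion before `Oidc.retrieveCredential = …`; keeping `};` avoids an accidental call if the following statement ever starts with `(`. The start of getTokenContent, including where `content` is assigned inside the try, lies outside this hunk.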