OpenServer/OpenAuth_server
1
1
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

Merge remote-tracking branch 'origin/master'

Browse Source
This commit is contained in:
Fabian Stamm 2019-03-14 18:11:08 -04:00
commit e71e36eb5f
4 changed files with 15 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
package.json
View File

@ -9,6 +9,7 @@
"build-doc": "apidoc -i src/ -p apidoc/", "build-doc": "apidoc -i src/ -p apidoc/",
"build-ts": "tsc", "build-ts": "tsc",
"build": "tsc && cd views && npm run build && cd ..", "build": "tsc && cd views && npm run build && cd ..",
"build-server":"tsc",
"watch-ts": "tsc -w", "watch-ts": "tsc -w",
"watch-views": "cd views && npm run watch", "watch-views": "cd views && npm run watch",
"watch-node": "nodemon --ignore ./views lib/index.js", "watch-node": "nodemon --ignore ./views lib/index.js",

11
src/api/middlewares/client.ts
View File

@ -12,6 +12,17 @@ export function GetClientAuthMiddleware(checksecret = true, internal = false, ch
let client_id = req.query.client_id || req.body.client_id; let client_id = req.query.client_id || req.body.client_id;
let client_secret = req.query.client_secret || req.body.client_secret; let client_secret = req.query.client_secret || req.body.client_secret;
if(!client_id && !client_secret && req.headers.authorization) {
let header = req.headers.authorization;
let [type, val] = header.split(" ");
if(val) {
let str = Buffer.from(val, "base64").toString("utf-8");
let [id, secret] = str.split(":");
client_id = id;
client_secret = secret;
}
}
if (!client_id || (!client_secret && checksecret)) { if (!client_id || (!client_secret && checksecret)) {
throw new RequestError("No client credentials", HttpStatusCode.BAD_REQUEST); throw new RequestError("No client credentials", HttpStatusCode.BAD_REQUEST);
} }

2
src/api/oauth/auth.ts
View File

@ -46,7 +46,7 @@ const AuthRoute = Stacker(GetUserMiddleware(true), async (req: Request, res: Res
let permissions: IPermission[] = []; let permissions: IPermission[] = [];
if (scope) { if (scope) {
let perms = (<string>scope).split(";").map(p => new ObjectID(p)); let perms = (<string>scope).split(";").filter(e => e !== "read_user").map(p => new ObjectID(p));
permissions = await Permission.find({ _id: { $in: perms } }) permissions = await Permission.find({ _id: { $in: perms } })
if (permissions.length != perms.length) { if (permissions.length != perms.length) {

4
src/views/views.ts
View File

@ -13,7 +13,7 @@ import Client from "../models/client";
import { Logging } from "@hibas123/nodelogging"; import { Logging } from "@hibas123/nodelogging";
import Stacker from "../api/middlewares/stacker"; import Stacker from "../api/middlewares/stacker";
import { UserMiddleware, GetUserMiddleware } from "../api/middlewares/user"; import { UserMiddleware, GetUserMiddleware } from "../api/middlewares/user";
import GetUserPage from "./user"; // import GetUserPage from "./user";
Handlebars.registerHelper("appname", () => config.core.name); Handlebars.registerHelper("appname", () => config.core.name);
@ -59,7 +59,7 @@ ViewRouter.get("/auth", Stacker(GetUserMiddleware(false, true), async (req, res)
let permissions: IPermission[] = []; let permissions: IPermission[] = [];
let proms: PromiseLike<void>[] = []; let proms: PromiseLike<void>[] = [];
if (scope) { if (scope) {
for (let perm of scope.split(";")) { for (let perm of scope.split(";").filter(e => e !== "read_user")) {
proms.push(Permission.findById(perm).then(p => { proms.push(Permission.findById(perm).then(p => {
if (!p) return Promise.reject(new Error()); if (!p) return Promise.reject(new Error());
permissions.push(p); permissions.push(p);