2017-06-28 14:28:28 -06:00
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
module.exports.create = function (bigconf, deps, app) {
|
2017-07-24 17:10:41 -06:00
|
|
|
var Jwks = require('./jwks').create(app);
|
|
|
|
|
var Grants = require('./grants').create(app);
|
2017-07-26 15:51:51 -06:00
|
|
|
var Accounts = require('./accounts').create(app);
|
2017-06-28 14:28:28 -06:00
|
|
|
|
2017-06-28 17:51:24 -06:00
|
|
|
// This tablename is based on the tablename found in the objects in model.js.
|
|
|
|
|
// Instead of the snake_case the name with be UpperCammelCase, converted by masterquest-sqlite3.
|
2017-09-12 22:31:11 +00:00
|
|
|
function attachSiteModels(req, res, next) {
|
|
|
|
|
return req.getSiteStore().then(function (store) {
|
|
|
|
|
req.Models = store;
|
|
|
|
|
next();
|
|
|
|
|
});
|
|
|
|
|
}
|
2017-06-28 17:51:24 -06:00
|
|
|
function attachSiteStore(tablename, req, res, next) {
|
|
|
|
|
return req.getSiteStore().then(function (store) {
|
|
|
|
|
req.Store = store[tablename];
|
2017-06-28 14:28:28 -06:00
|
|
|
next();
|
|
|
|
|
});
|
|
|
|
|
}
|
2017-06-28 17:51:24 -06:00
|
|
|
function detachSiteStore(req, res, next) {
|
|
|
|
|
delete req.Store;
|
|
|
|
|
next();
|
|
|
|
|
}
|
2017-07-24 14:45:25 -06:00
|
|
|
function authorizeIssuer(req, res, next) {
|
2017-09-12 22:31:11 +00:00
|
|
|
var promise = require('./common').checkIssuerToken(req, req.params.sub).then(function () {
|
2017-07-12 14:35:25 -06:00
|
|
|
next();
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.handleRejection(req, res, promise, '[issuer@oauth3.org] authorize req as issuer');
|
|
|
|
|
}
|
|
|
|
|
|
2017-09-12 22:31:11 +00:00
|
|
|
app.get( '/jwks/:sub/:kid.json', Jwks.restful.get);
|
|
|
|
|
app.get( '/jwks/:sub/:kid', Jwks.restful.get);
|
2017-07-12 14:39:53 -06:00
|
|
|
// Everything but getting keys is only for the issuer
|
2017-09-12 22:31:11 +00:00
|
|
|
app.use( '/jwks/:sub', authorizeIssuer, attachSiteStore.bind(null, 'IssuerOauth3OrgJwks'));
|
|
|
|
|
app.post( '/jwks/:sub', Jwks.restful.saveNew);
|
2017-06-28 17:51:24 -06:00
|
|
|
|
2017-07-12 14:35:25 -06:00
|
|
|
// Everything regarding grants is only for the issuer
|
2017-09-12 22:31:11 +00:00
|
|
|
app.use( '/grants/:sub', authorizeIssuer, attachSiteStore.bind(null, 'IssuerOauth3OrgGrants'));
|
|
|
|
|
app.get( '/grants/:sub', Grants.restful.getAll);
|
|
|
|
|
app.get( '/grants/:sub/:azp', Grants.restful.getOne);
|
|
|
|
|
app.post( '/grants/:sub/:azp', Grants.restful.saveNew);
|
|
|
|
|
|
|
|
|
|
app.use( '/access_token', attachSiteModels);
|
|
|
|
|
app.post( '/access_token/send_otp', Accounts.restful.sendOtp);
|
|
|
|
|
app.post( '/access_token/:sub/:aud/:azp', Accounts.restful.createToken);
|
|
|
|
|
app.post( '/access_token', Accounts.restful.createToken);
|
|
|
|
|
|
|
|
|
|
app.use( '/acl/profile', attachSiteModels);
|
|
|
|
|
app.get( '/acl/profile', Accounts.restful.getProfile);
|
|
|
|
|
app.post( '/acl/profile', Accounts.restful.setProfile);
|
|
|
|
|
|
|
|
|
|
app.use( '/acl/contact_nodes', attachSiteModels);
|
|
|
|
|
app.post( '/acl/contact_nodes', Accounts.restful.claimContact);
|
|
|
|
|
app.post( '/acl/contact_nodes/:id', Accounts.restful.verifyContact);
|
2017-07-19 17:42:06 -06:00
|
|
|
|
2017-06-28 17:51:24 -06:00
|
|
|
app.use(detachSiteStore);
|
2017-06-28 14:28:28 -06:00
|
|
|
};
|
