| 
									
										
										
										
											2017-02-08 00:48:07 -05:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2017-02-06 20:10:24 -05:00
										 |  |  |   // TODO move to a test / lint suite?
 | 
					
						
							| 
									
										
										
										
											2017-02-08 00:48:07 -05:00
										 |  |  |   oauth3._lintPromise = function (PromiseA) { | 
					
						
							| 
									
										
										
										
											2017-02-06 20:10:24 -05:00
										 |  |  |     var promise; | 
					
						
							|  |  |  |     var x = 1; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     // tests that this promise has all of the necessary api
 | 
					
						
							|  |  |  |     promise = new PromiseA(function (resolve, reject) { | 
					
						
							|  |  |  |       //console.log('x [2]', x);
 | 
					
						
							|  |  |  |       if (x !== 1) { | 
					
						
							|  |  |  |         throw new Error("bad promise, create not Synchronous [0]"); | 
					
						
							|  |  |  |       } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       PromiseA.resolve().then(function () { | 
					
						
							|  |  |  |         var promise2; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         //console.log('x resolve', x);
 | 
					
						
							|  |  |  |         if (x !== 2) { | 
					
						
							|  |  |  |           throw new Error("bad promise, resolve not Asynchronous [1]"); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         promise2 = PromiseA.reject().then(reject, function () { | 
					
						
							|  |  |  |           //console.log('x reject', x);
 | 
					
						
							|  |  |  |           if (x !== 4) { | 
					
						
							|  |  |  |             throw new Error("bad promise, reject not Asynchronous [2]"); | 
					
						
							|  |  |  |           } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |           if ('undefined' === typeof angular) { | 
					
						
							|  |  |  |             throw new Error("[NOT AN ERROR] Dear angular users: ignore this error-handling test"); | 
					
						
							|  |  |  |           } else { | 
					
						
							|  |  |  |             return PromiseA.reject(new Error("[NOT AN ERROR] ignore this error-handling test")); | 
					
						
							|  |  |  |           } | 
					
						
							|  |  |  |         }); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         x = 4; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |         return promise2; | 
					
						
							|  |  |  |       }).catch(function (e) { | 
					
						
							|  |  |  |         if (e.message.match('NOT AN ERROR')) { | 
					
						
							|  |  |  |           resolve({ success: true }); | 
					
						
							|  |  |  |         } else { | 
					
						
							|  |  |  |           reject(e); | 
					
						
							|  |  |  |         } | 
					
						
							|  |  |  |       }); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       x = 3; | 
					
						
							|  |  |  |     }); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     x = 2; | 
					
						
							|  |  |  |     return promise; | 
					
						
							|  |  |  |   }; | 
					
						
							| 
									
										
										
										
											2017-02-08 00:48:07 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  |   oauth3._lintDirectives = function (providerUri, directives) { | 
					
						
							|  |  |  |     var params = { directives: directives }; | 
					
						
							|  |  |  |     console.log('DEBUG oauth3._discoverHelper', directives); | 
					
						
							|  |  |  |     var err; | 
					
						
							|  |  |  |     if (!params.directives) { | 
					
						
							|  |  |  |       err = new Error(params.error_description || "Unknown error when discoving provider '" + providerUri + "'"); | 
					
						
							|  |  |  |       err.code = params.error || "E_UNKNOWN_ERROR"; | 
					
						
							|  |  |  |       return OAUTH3.PromiseA.reject(err); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     try { | 
					
						
							|  |  |  |       directives = JSON.parse(atob(params.directives)); | 
					
						
							|  |  |  |       console.log('DEBUG oauth3._discoverHelper directives', directives); | 
					
						
							|  |  |  |     } catch(e) { | 
					
						
							|  |  |  |       err = new Error(params.error_description || "could not parse directives for provider '" + providerUri + "'"); | 
					
						
							|  |  |  |       err.code = params.error || "E_PARSE_DIRECTIVE"; | 
					
						
							|  |  |  |       return OAUTH3.PromiseA.reject(err); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |     if ( | 
					
						
							|  |  |  |         (directives.authorization_dialog && directives.authorization_dialog.url) | 
					
						
							|  |  |  |       || (directives.access_token && directives.access_token.url) | 
					
						
							|  |  |  |     ) { | 
					
						
							|  |  |  |       // TODO lint directives
 | 
					
						
							|  |  |  |       // TODO self-reference in directive for providerUri?
 | 
					
						
							|  |  |  |       directives.provider_uri = providerUri; | 
					
						
							|  |  |  |       localStorage.setItem('oauth3.' + providerUri + '.directives', JSON.stringify(directives)); | 
					
						
							|  |  |  |       localStorage.setItem('oauth3.' + providerUri + '.directives.updated_at', new Date().toISOString()); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       return OAUTH3.PromiseA.resolve(directives); | 
					
						
							|  |  |  |     } else { | 
					
						
							|  |  |  |       // ignore
 | 
					
						
							|  |  |  |       console.error("the directives provided by '" + providerUri + "' were invalid."); | 
					
						
							|  |  |  |       params.error = params.error || "E_INVALID_DIRECTIVE"; | 
					
						
							|  |  |  |       params.error_description = params.error_description | 
					
						
							|  |  |  |         || "directives did not include authorization_dialog.url"; | 
					
						
							|  |  |  |       err = new Error(params.error_description || "Unknown error when discoving provider '" + providerUri + "'"); | 
					
						
							|  |  |  |       err.code = params.error; | 
					
						
							|  |  |  |       return OAUTH3.PromiseA.reject(err); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |   }; | 
					
						
							| 
									
										
										
										
											2017-02-08 04:18:15 -05:00
										 |  |  | 
 | 
					
						
							|  |  |  |   core.tokenState = function (session) { | 
					
						
							|  |  |  |     var fresh; | 
					
						
							|  |  |  |     fresh = (Date.now() / 1000) >= (parseInt(session._accessTokenData.exp) || 0); | 
					
						
							|  |  |  |     if (!fresh) { | 
					
						
							|  |  |  |       console.log("[os] isn't fresh", session._accessTokenData.exp); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  |   }; | 
					
						
							|  |  |  |   oauth3._lintRequest = function (preq, opts) { | 
					
						
							|  |  |  |     var providerUri; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     console.log('[os] request meta opts', opts); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     // check that the JWT is not expired
 | 
					
						
							|  |  |  |     // TODO check that this request applies to the aud and azp
 | 
					
						
							|  |  |  |     if (!(preq.session && preq.session.accessToken)) { | 
					
						
							|  |  |  |       console.log('[os] no session/accessTokenData'); | 
					
						
							|  |  |  |       return oauth3.PromiseA.resolve(preq); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     preq.headers = preq.headers || {}; | 
					
						
							|  |  |  |     preq.headers.Authorization = 'Bearer ' + preq.session.accessToken; | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     if (!preq.session._accessTokenData) { | 
					
						
							|  |  |  |       console.log('[os] no _accessTokenData'); | 
					
						
							|  |  |  |       preq.session._accessTokenData = core.jwt.decode(preq.session.accessToken).payload; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     if (!preq.url.match(preq.session._accessTokenData.aud)) { | 
					
						
							|  |  |  |       console.log("[os] doesn't match audience", preq.session._accessTokenData.aud); | 
					
						
							|  |  |  |       return oauth3.PromiseA.resolve(preq); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     switch (core.tokenState(session)) { | 
					
						
							|  |  |  |       case 'fresh': | 
					
						
							|  |  |  |         return oauth3.PromiseA.resolve(preq); | 
					
						
							|  |  |  |       case 'stale': | 
					
						
							|  |  |  |       case 'useless': | 
					
						
							|  |  |  |         break; | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     if (!preq.session.refreshToken) { | 
					
						
							|  |  |  |       console.log("[os] can't refresh", preq.session); | 
					
						
							|  |  |  |       return oauth3.PromiseA.resolve(preq); | 
					
						
							|  |  |  |     } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     opts.refreshToken = preq.session.refreshToken; | 
					
						
							|  |  |  |     console.log('[oauth3.js] refreshToken attempt'); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |     // TODO include directive?
 | 
					
						
							|  |  |  |     providerUri = preq.session.providerUri || preq.session._accessTokenData.iss; | 
					
						
							|  |  |  |     //opts.
 | 
					
						
							|  |  |  |     return oauth3.refreshToken(providerUri, opts).then(function (res) { | 
					
						
							|  |  |  |       console.log('[oauth3.js] refreshToken result:', res); | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       if (!res.data.accessToken) { | 
					
						
							|  |  |  |         return preq; | 
					
						
							|  |  |  |       } | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  |       // TODO fire session update event
 | 
					
						
							|  |  |  |       res.data.providerUri = preq.session.providerUri; | 
					
						
							|  |  |  |       preq.session = res.data; | 
					
						
							|  |  |  |       preq.headers.Authorization = 'Bearer ' + preq.session.accessToken; | 
					
						
							|  |  |  |       return preq; | 
					
						
							|  |  |  |     }); | 
					
						
							|  |  |  |   }; |