diff --git a/oauth3.core.js b/oauth3.core.js
index 43acd4a..ca4cfdd 100644
--- a/oauth3.core.js
+++ b/oauth3.core.js
@@ -616,6 +616,7 @@
 return OAUTH3._discoverHelper(providerUri, opts).then(function (directives) {
 directives.azp = directives.azp || OAUTH3.url.normalize(providerUri);
 directives.issuer = directives.issuer || OAUTH3.url.normalize(providerUri);
+ directives.api = (directives.api||':hostname').replace(/:hostname/, directives.issuer || OAUTH3.url.normalize(providerUri));
 // OAUTH3.PromiseA.resolve() is taken care of because this is wrapped
 return OAUTH3.hooks.directives.set(providerUri, directives);
 });
diff --git a/oauth3.issuer.js b/oauth3.issuer.js
index c783992..0bd2b6e 100644
--- a/oauth3.issuer.js
+++ b/oauth3.issuer.js
@@ -173,7 +173,7 @@ OAUTH3.urls.resourceOwnerPassword = function (directive, opts) {
 }
 return {
- url: OAUTH3.url.resolve(directive.issuer, uri)
+ url: OAUTH3.url.resolve(directive.api, uri)
 , method: args.method
 , data: body
 };
@@ -206,7 +206,7 @@ OAUTH3.urls.grants = function (directive, opts) {
 }
 }
- var url = OAUTH3.url.resolve(directive.issuer, directive.grants.url)
+ var url = OAUTH3.url.resolve(directive.api, directive.grants.url)
 .replace(/(:azp|:client_id)/g, OAUTH3.uri.normalize(opts.client_id || opts.client_uri))
 .replace(/(:sub|:account_id)/g, opts.session.token.sub)
 ;
@@ -241,7 +241,7 @@ OAUTH3.authn.loginMeta = function (directive, opts) {
 method: directive.credential_meta.method || 'GET'
 // TODO lint urls
 // TODO client_uri
- , url: OAUTH3.url.resolve(directive.issuer, directive.credential_meta.url)
+ , url: OAUTH3.url.resolve(directive.api, directive.credential_meta.url)
 .replace(':type', 'email')
 .replace(':id', opts.email)
 });
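Review bot: `directives.api` is taken from the discovered directives document and accepted as-is in the added line of the `_discoverHelper(...).then` callback in oauth3.core.js, yet the oauth3.issuer.js hunks of this commit make it the base URL for the password, OTP and grants requests. A document that sets `api` without the `:hostname` placeholder would direct those requests to whatever host it names, so the value should be checked to be the issuer's host or a subdomain of it before `OAUTH3.hooks.directives.set` stores it; at minimum add `// api comes from the remote directives document and becomes the base URL for credential requests; it must stay within the issuer's domain`. The `|| OAUTH3.url.normalize(providerUri)` fallback inside the replace is redundant, because `directives.issuer` is already defaulted on the previous line. If `OAUTH3.url.normalize` returns a scheme-prefixed URL (not visible in this hunk), the shipped template `api.:hostname` would expand to a malformed host, which is worth confirming. The enclosing function starts and ends outside the hunk.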
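Review bot: `directive.api` is read without a fallback in `OAUTH3.urls.resourceOwnerPassword` (hunk at 173), and the same applies to `OAUTH3.urls.grants` (206), `OAUTH3.authn.loginMeta` (241) and `OAUTH3.authn.otp` (250). As far as this commit shows, the field is only populated by the discovery path changed in oauth3.core.js, so a directive object stored before this change, or one a caller built by hand, would presumably reach `OAUTH3.url.resolve` with `undefined` as the base. Keeping the previous behaviour as the default avoids that: `url: OAUTH3.url.resolve(directive.api || directive.issuer, uri)`. Each of these functions starts and ends outside its hunk.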
@@ -250,7 +250,7 @@ OAUTH3.authn.otp = function (directive, opts) {
 // TODO client_uri
 var preq = {
 method: directive.credential_otp.method || 'POST'
- , url: OAUTH3.url.resolve(directive.issuer, directive.credential_otp.url)
+ , url: OAUTH3.url.resolve(directive.api, directive.credential_otp.url)
 , data: {
 // TODO replace with signed hosted file
 client_agree_tos: 'oauth3.org/tos/draft'
@@ -465,7 +465,7 @@ OAUTH3.requests.accounts.update = function (directive, session, opts) {
 OAUTH3.requests.accounts.create = function (directive, session, account) {
 var dir = directive.create_account || {
 method: 'POST'
- , url: 'https://' + directive.issuer + '/api/org.oauth3.provider/accounts'
+ , url: 'https://' + directive.api + '/api/org.oauth3.provider/accounts'
 , bearer: 'Bearer'
 };
 var data = {
diff --git a/well-known/oauth3/directives.json b/well-known/oauth3/directives.json
index a6bb1a8..d2b477b 100644
--- a/well-known/oauth3/directives.json
+++ b/well-known/oauth3/directives.json
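Review bot: The default account-creation URL in `OAUTH3.requests.accounts.create` (hunk at 465) is still built by string concatenation, `'https://' + directive.api + '/api/org.oauth3.provider/accounts'`, while every other endpoint touched by this commit goes through `OAUTH3.url.resolve`. If `directive.api` ever carries a scheme or a trailing slash, which the discovery code does not appear to rule out, this request (which looks like it uses bearer auth, given `bearer: 'Bearer'`) would be sent to a malformed URL. Using the same helper keeps base-URL handling in one place: `, url: OAUTH3.url.resolve(directive.api, 'api/org.oauth3.provider/accounts')`. The function body continues outside the hunk.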
@@ -1,10 +1,11 @@
 { "terms": [ "oauth3.org/tos/draft" ]
+, "api": "api.:hostname"
 , "authorization_dialog": { "url": "#/authorization_dialog" }
 , "access_token": { "method": "POST", "url": "api/org.oauth3.provider/access_token" }
-, "otp": { "method": "POST" , "url": "api/org.oauth3.provider/otp" }
-, "credential_otp": { "method": "POST" , "url": "api/org.oauth3.provider/otp" }
+, "otp": { "method": "POST", "url": "api/org.oauth3.provider/otp" }
+, "credential_otp": { "method": "POST", "url": "api/org.oauth3.provider/otp" }
 , "credential_meta": { "url": "api/org.oauth3.provider/logins/meta/:type/:id" }
-, "credential_create": { "method": "POST" , "url": "api/org.oauth3.provider/logins" }
+, "credential_create": { "method": "POST", "url": "api/org.oauth3.provider/logins" }
 , "grants": { "method": "GET", "url": "api/org.oauth3.provider/grants/:azp/:sub" }
 , "authorization_decision": { "method": "POST", "url": "api/org.oauth3.provider/authorization_decision" }
 , "callback": { "method": "GET", "url": ".well-known/oauth3/callback.html#/" }