forked from meteor/meteor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmeteor_developer_server.js
97 lines (88 loc) · 2.85 KB
/
meteor_developer_server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
OAuth.registerService("meteor-developer", 2, null, function (query) {
var response = getTokens(query);
var accessToken = response.accessToken;
var identity = getIdentity(accessToken);
var serviceData = {
accessToken: OAuth.sealSecret(accessToken),
expiresAt: (+new Date) + (1000 * response.expiresIn)
};
_.extend(serviceData, identity);
// only set the token in serviceData if it's there. this ensures
// that we don't lose old ones (since we only get this on the first
// log in attempt)
if (response.refreshToken)
serviceData.refreshToken = OAuth.sealSecret(response.refreshToken);
return {
serviceData: serviceData,
options: {profile: {name: serviceData.username}}
// XXX use username for name until meteor accounts has a profile with a name
};
});
// returns an object containing:
// - accessToken
// - expiresIn: lifetime of token in seconds
// - refreshToken, if this is the first authorization request and we got a
// refresh token from the server
var getTokens = function (query) {
var config = ServiceConfiguration.configurations.findOne({
service: 'meteor-developer'
});
if (!config)
throw new ServiceConfiguration.ConfigError();
var response;
try {
response = HTTP.post(
MeteorDeveloperAccounts._server + "/oauth2/token", {
params: {
grant_type: "authorization_code",
code: query.code,
client_id: config.clientId,
client_secret: OAuth.openSecret(config.secret),
redirect_uri: OAuth._redirectUri('meteor-developer', config)
}
}
);
} catch (err) {
throw _.extend(
new Error(
"Failed to complete OAuth handshake with Meteor developer accounts. "
+ err.message
),
{response: err.response}
);
}
if (! response.data || response.data.error) {
// if the http response was a json object with an error attribute
throw new Error(
"Failed to complete OAuth handshake with Meteor developer accounts. " +
(response.data ? response.data.error :
"No response data")
);
} else {
return {
accessToken: response.data.access_token,
refreshToken: response.data.refresh_token,
expiresIn: response.data.expires_in
};
}
};
var getIdentity = function (accessToken) {
try {
return HTTP.get(
MeteorDeveloperAccounts._server + "/api/v1/identity",
{
headers: { Authorization: "Bearer " + accessToken }
}
).data;
} catch (err) {
throw _.extend(
new Error("Failed to fetch identity from Meteor developer accounts. " +
err.message),
{response: err.response}
);
}
};
MeteorDeveloperAccounts.retrieveCredential = function (credentialToken,
credentialSecret) {
return OAuth.retrieveCredential(credentialToken, credentialSecret);
};