IcyNet.eu/server/api/oauth2/controller/introspection.js

import error from '../error'
import response from '../response'
import wrap from '../../../../scripts/asyncRoute'

module.exports = wrap(async function (req, res) {
  let clientId = null
  let clientSecret = null

  if (req.body.client_id && req.body.client_secret) {
    clientId = req.body.client_id
    clientSecret = req.body.client_secret
    console.debug('Client credentials parsed from body parameters ', clientId, clientSecret)
  } else {
    if (!req.headers || !req.headers.authorization) {
      return response.error(req, res, new error.InvalidRequest('No authorization header passed'))
    }

    let pieces = req.headers.authorization.split(' ', 2)
    if (!pieces || pieces.length !== 2) {
      return response.error(req, res, new error.InvalidRequest('Authorization header is corrupted'))
    }

    if (pieces[0] !== 'Basic') {
      return response.error(req, res, new error.InvalidRequest('Unsupported authorization method:', pieces[0]))
    }

    pieces = Buffer.from(pieces[1], 'base64').toString('ascii').split(':', 2)
    if (!pieces || pieces.length !== 2) {
      return response.error(req, res, new error.InvalidRequest('Authorization header has corrupted data'))
    }

    clientId = pieces[0]
    clientSecret = pieces[1]
    console.debug('Client credentials parsed from basic auth header: ', clientId, clientSecret)
  }

  if (!req.body.token) {
    return response.error(req, res, new error.InvalidRequest('Token not provided in request body'))
  }

  let token = await req.oauth2.model.accessToken.fetchByToken(req.body.token)
  if (!token) {
    return response.error(req, res, new error.InvalidRequest('Token does not exist'))
  }

  let ttl = req.oauth2.model.accessToken.getTTL(token)
  let resObj = {
    token_type: 'bearer',
    token: token.token,
    expires_in: Math.floor(ttl / 1000)
  }

  response.data(req, res, resObj)
})
OAuth2 provider implemented 2017-08-23 20:13:45 +00:00			`import error from '../error'`
			`import response from '../response'`
			`import wrap from '../../../../scripts/asyncRoute'`

			`module.exports = wrap(async function (req, res) {`
			`let clientId = null`
			`let clientSecret = null`

			`if (req.body.client_id && req.body.client_secret) {`
			`clientId = req.body.client_id`
			`clientSecret = req.body.client_secret`
			`console.debug('Client credentials parsed from body parameters ', clientId, clientSecret)`
			`} else {`
			`if (!req.headers \|\| !req.headers.authorization) {`
			`return response.error(req, res, new error.InvalidRequest('No authorization header passed'))`
			`}`

			`let pieces = req.headers.authorization.split(' ', 2)`
			`if (!pieces \|\| pieces.length !== 2) {`
			`return response.error(req, res, new error.InvalidRequest('Authorization header is corrupted'))`
			`}`

			`if (pieces[0] !== 'Basic') {`
			`return response.error(req, res, new error.InvalidRequest('Unsupported authorization method:', pieces[0]))`
			`}`

lint everything using standard 2017-08-24 16:23:03 +00:00			`pieces = Buffer.from(pieces[1], 'base64').toString('ascii').split(':', 2)`
OAuth2 provider implemented 2017-08-23 20:13:45 +00:00			`if (!pieces \|\| pieces.length !== 2) {`
			`return response.error(req, res, new error.InvalidRequest('Authorization header has corrupted data'))`
			`}`

			`clientId = pieces[0]`
			`clientSecret = pieces[1]`
			`console.debug('Client credentials parsed from basic auth header: ', clientId, clientSecret)`
			`}`

			`if (!req.body.token) {`
			`return response.error(req, res, new error.InvalidRequest('Token not provided in request body'))`
			`}`

			`let token = await req.oauth2.model.accessToken.fetchByToken(req.body.token)`
			`if (!token) {`
			`return response.error(req, res, new error.InvalidRequest('Token does not exist'))`
			`}`

			`let ttl = req.oauth2.model.accessToken.getTTL(token)`
			`let resObj = {`
			`token_type: 'bearer',`
			`token: token.token,`
			`expires_in: Math.floor(ttl / 1000)`
			`}`

			`response.data(req, res, resObj)`
			`})`