IcyNetwork/IcyNet.eu
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repository has been archived on 2022-11-26. You can view files and clone it, but cannot push or open issues or pull requests.
089cba7d0d
IcyNet.eu/server/api/oauth2/controller/tokens/password.js

72 lines
2.1 KiB
JavaScript
Raw Blame History

import { ServerError, InvalidRequest, InvalidScope, InvalidClient } from '../../error'
export async function password (oauth2, client, username, password, scope) {
let user = null
const resObj = {
token_type: 'bearer'
}
if (!username) {
throw new InvalidRequest('Username is mandatory for password grant type')
}
if (!password) {
throw new InvalidRequest('Password is mandatory for password grant type')
}
scope = oauth2.model.client.transformScope(scope)
scope = oauth2.model.client.checkScope(client, scope)
if (!scope) {
throw new InvalidScope('Client does not allow access to this scope')
} else {
console.debug('Scope check passed: ', scope)
}
try {
user = await oauth2.model.user.fetchByUsername(username)
} catch (err) {
throw new ServerError('Failed to call user.fetchByUsername function')
}
if (!user) {
throw new InvalidClient('User not found')
}
const valid = await oauth2.model.user.checkPassword(user, password)
if (!valid) {
throw new InvalidClient('Wrong password')
}
try {
await oauth2.model.refreshToken.removeByUserIdClientId(oauth2.model.user.getId(user),
oauth2.model.client.getId(client))
} catch (err) {
throw new ServerError('Failed to call refreshToken.removeByUserIdClientId function')
}
console.debug('Refresh token removed')
if (!oauth2.model.client.checkGrantType(client, 'refresh_token')) {
console.debug('Client does not allow grant type refresh_token, skip creation')
} else {
try {
resObj.refresh_token = await oauth2.model.refreshToken.create(oauth2.model.user.getId(user),
oauth2.model.client.getId(client), scope)
} catch (err) {
throw new ServerError('Failed to call refreshToken.create function')
}
}
try {
resObj.access_token = await oauth2.model.accessToken.create(oauth2.model.user.getId(user),
oauth2.model.client.getId(client), scope, oauth2.model.accessToken.ttl)
} catch (err) {
throw new ServerError('Failed to call accessToken.create function')
}
resObj.expires_in = oauth2.model.accessToken.ttl
console.debug('Access token saved ', resObj.access_token)
return resObj
}
Reference in New Issue View Git Blame Copy Permalink