This repository has been archived on 2022-11-26. You can view files and clone it, but cannot push or open issues or pull requests.
IcyNet.eu/server/api/oauth2/controller/tokens/refreshToken.js

74 lines
2.2 KiB
JavaScript

import { InvalidRequest, ServerError, InvalidGrant, InvalidClient } from '../../error'
export async function refreshToken (oauth2, client, pRefreshToken) {
let user = null
let ttl = null
let refreshToken = null
let accessToken = null
const resObj = {
token_type: 'bearer'
}
if (!pRefreshToken) {
throw new InvalidRequest('refresh_token is mandatory for refresh_token grant type')
}
try {
refreshToken = await oauth2.model.refreshToken.fetchByToken(pRefreshToken)
} catch (err) {
throw new ServerError('Failed to call refreshToken.fetchByToken function')
}
if (!refreshToken) {
throw new InvalidGrant('Refresh token not found')
}
if (oauth2.model.refreshToken.getClientId(refreshToken) !== oauth2.model.client.getId(client)) {
console.warn('Client %s tried to fetch a refresh token which belongs to client %s!', oauth2.model.client.getId(client),
oauth2.model.refreshToken.getClientId(refreshToken))
throw new InvalidGrant('Refresh token not found')
}
try {
user = await oauth2.model.user.fetchById(oauth2.model.refreshToken.getUserId(refreshToken))
} catch (err) {
throw new ServerError('Failed to call user.fetchById function')
}
if (!user) {
throw new InvalidClient('User not found')
}
try {
accessToken = await oauth2.model.accessToken.fetchByUserIdClientId(oauth2.model.user.getId(user),
oauth2.model.client.getId(client))
} catch (err) {
throw new ServerError('Failed to call accessToken.fetchByUserIdClientId function')
}
if (accessToken) {
ttl = oauth2.model.accessToken.getTTL(accessToken)
if (!ttl) {
accessToken = null
} else {
resObj.access_token = oauth2.model.accessToken.getToken(accessToken)
resObj.expires_in = ttl
}
}
if (!accessToken) {
try {
resObj.access_token = await oauth2.model.accessToken.create(oauth2.model.user.getId(user),
oauth2.model.client.getId(client), oauth2.model.refreshToken.getScope(refreshToken), oauth2.model.accessToken.ttl)
} catch (err) {
throw new ServerError('Failed to call accessToken.create function')
}
resObj.expires_in = oauth2.model.accessToken.ttl
}
return resObj
}