Skip to content

issue #4 - sql fix #20

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

issue #4 - sql fix #20

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 6 additions & 4 deletions components/oauth/models.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ function getUser(username, password) {
attributes: ['id', 'username', 'password', 'scope'],
})
.then(function (user) {
return user.password == password ? user.toJSON() : false;
return user.password === password ? user.toJSON() : false;
})
.catch(function (err) {
console.log("getUser - Err: ", err)
Expand Down Expand Up @@ -237,11 +237,13 @@ function getRefreshToken(refreshToken) {
});
}

function validateScope(token, client) {
return (user.scope === scope && client.scope === scope && scope !== null) ? scope : false
function validateScope(token, client, scope) {
console.log("validateScope", token, client, scope);
return (user.scope === client.scope) ? scope : false
Copy link

@jankal jankal Jan 3, 2018
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

user is not defined! How should this ever work?

The method signature is as follows:

AbstractGrantType.prototype.validateScope = function(user, client, scope) {}

See oauthjs/node-oauth2-server

}

function verifyScope(token, scope) {
console.log("verifyScope", token, scope);
return token.scope === scope
}

Expand All @@ -260,7 +262,7 @@ module.exports = {
revokeToken: revokeToken,
saveToken: saveToken,//saveOAuthAccessToken, renamed to
saveAuthorizationCode: saveAuthorizationCode, //renamed saveOAuthAuthorizationCode,
validateScope: validateScope,
// validateScope: validateScope,
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

validateScope is a key part of this oauth procedure. Why do you remove it?

verifyScope: verifyScope,
}

2 changes: 1 addition & 1 deletion config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,5 +17,5 @@ module.exports = {
seedDB:false,
seedMongoDB:false,
seedDBForce:true,
db:'mongo' // mongo,sql if you want to use any SQL change dialect above in sql config
db:'sql' // mongo,sql if you want to use any SQL change dialect above in sql config
}