diff --git a/src/clauth/endpoints.clj b/src/clauth/endpoints.clj index af5f6ad..69556e8 100644 --- a/src/clauth/endpoints.clj +++ b/src/clauth/endpoints.clj @@ -21,10 +21,10 @@ (defn token-response "Create a ring response for a token response" - [token] + [token & [token-decorator]] {:status 200 :headers {"Content-Type" "application/json"} - :body (cheshire/generate-string (decorate-token token))}) + :body (cheshire/generate-string ((or token-decorator decorate-token) token))}) (defn error-response "Create a ring response for a oauth error" @@ -36,12 +36,13 @@ (defn respond-with-new-token "create a new token and respond with json. If using built in token system it takes client and subject (user). You can also pass a function to it and the client and subject." - ([{:keys [token-creator params] :as attrs}] + ([{:keys [token-creator params token-decorator] :as attrs}] (let [params (or params {})] (token-response (token-creator (merge (select-keys params [:scope]) - (select-keys attrs [:client :subject :scope])))))) + (select-keys attrs [:client :subject :scope]))) + token-decorator))) ([client subject] (respond-with-new-token create-token client subject)) @@ -88,18 +89,20 @@ (defmulti token-request-handler grant-type) (defmethod token-request-handler "client_credentials" - [req {:keys [client-authenticator token-creator]}] + [req {:keys [client-authenticator token-creator token-decorator]}] (client-authenticated-request req client-authenticator (fn [req client] (respond-with-new-token {:token-creator token-creator - :client client - :subject client - :params (:params req)})))) + :token-decorator token-decorator + :client client + :subject client + :params (:params req)})))) (defmethod token-request-handler "authorization_code" [req {:keys [client-authenticator token-creator - auth-code-lookup auth-code-revoker]}] + auth-code-lookup auth-code-revoker + token-decorator]}] (client-authenticated-request req client-authenticator @@ -109,7 +112,9 @@ (= (:redirect-uri code) ((req :params) :redirect_uri))) (do (auth-code-revoker code) - (respond-with-new-token (merge code {:token-creator token-creator :client client}))) + (respond-with-new-token (merge code {:token-creator token-creator + :client client + :token-decorator token-decorator}))) (error-response "invalid_grant")) (error-response "invalid_grant"))))) diff --git a/test/clauth/test/endpoints.clj b/test/clauth/test/endpoints.clj index 1af778d..c78df4a 100644 --- a/test/clauth/test/endpoints.clj +++ b/test/clauth/test/endpoints.clj @@ -19,6 +19,17 @@ :headers {"Content-Type" "application/json"} :body "{\"access_token\":\"SECRET\",\"token_type\":\"bearer\"}"}))) +(deftest token-custom-decorator + (is (= (base/token-response {:token "SECRET" :unimportant "forget this"} + (fn [token] + (when token + {:access_token (:token token) + :token_type "bearer" + :id_token "BOOM!"}))) + {:status 200 + :headers {"Content-Type" "application/json"} + :body "{\"access_token\":\"SECRET\",\"token_type\":\"bearer\",\"id_token\":\"BOOM!\"}"}))) + (deftest ring-error-response (is (= (base/error-response :invalid_request) {:status 400