var querystring= require('querystring'),
crypto= require('crypto'),
https= require('https'),
URL= require('url'),
OAuthUtils= require('./_utils');
/**
 * OAuth2 client bound to a single provider.
 *
 * The client secret is stored as an ordinary property (`_clientSecret`), so
 * anything that serialises or logs the instance will include it.
 *
 * @param {string} clientId - Client identifier sent as `client_id`.
 * @param {string} clientSecret - Client secret sent as `client_secret` by getOAuthAccessToken.
 * @param {string} baseSite - Prefix to which the authorize and token paths are appended.
 * @param {string} [authorizePath] - Authorize path; "/oauth/authorize" when falsy.
 * @param {string} [accessTokenPath] - Token path; "/oauth/access_token" when falsy.
 */
exports.OAuth2 = function(clientId, clientSecret, baseSite, authorizePath, accessTokenPath) {
  // Resolve the optional endpoint paths first; any falsy value selects the default.
  var authorizeUrl = authorizePath ? authorizePath : "/oauth/authorize";
  var accessTokenUrl = accessTokenPath ? accessTokenPath : "/oauth/access_token";

  this._clientId = clientId;
  this._clientSecret = clientSecret;
  this._baseSite = baseSite;
  this._authorizeUrl = authorizeUrl;
  this._accessTokenUrl = accessTokenUrl;
  // Query-string key used when a token is attached to a request; see setAccessTokenName.
  this._accessTokenName = "access_token";
};
/**
 * Overrides the parameter name under which the access token is sent.
 *
 * This is a workaround for sites that do not call the request parameter
 * 'access_token' ( http://tools.ietf.org/html/draft-ietf-oauth-v2-16#section-7 ).
 * The correct value was not clear when this was written, so a specific
 * (possibly temporary) override is allowed.
 *
 * The value is used verbatim as a query-string key by _request.
 *
 * @param {string} name - Parameter name to use instead of "access_token".
 */
exports.OAuth2.prototype.setAccessTokenName = function(name) {
  var tokenParameterName = name;
  this._accessTokenName = tokenParameterName;
};
/**
 * Builds the token endpoint URL from the configured base site and token path.
 *
 * No query string is appended: getOAuthAccessToken sends its parameters
 * (including the client secret) in the POST body instead.
 *
 * @returns {string} `_baseSite` followed by `_accessTokenUrl`.
 */
exports.OAuth2.prototype._getAccessTokenUrl = function() {
  var site = this._baseSite;
  var tokenPath = this._accessTokenUrl;
  return site + tokenPath;
};
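/**
 * Sends one request through the `https` module and passes the buffered
 * response body to `callback`.
 *
 * The request always goes through `https.request`, whatever scheme `url`
 * names. Only 200, 301 and 302 count as success; redirects are handed back to
 * the caller, not followed. Every other status, including other 2xx codes, is
 * reported as an error object.
 *
 * @param {string} method - HTTP method; a body is written only for 'POST'.
 * @param {string} url - Absolute URL of the resource.
 * @param {Object} [headers] - Extra request headers; own properties are copied.
 * @param {string} [post_body] - Request body; also used to compute Content-Length.
 * @param {string} [access_token] - When truthy, added to the query string under `_accessTokenName`.
 * @param {function} callback - Called once: `(null, body, response)` on success,
 *   `({statusCode, data})` on an unexpected status, or `(error)` on a request error.
 */
exports.OAuth2.prototype._request = function(method, url, headers, post_body, access_token, callback) {
  // Passing `true` makes URL.parse return the query as an object, so the token can be merged in below.
  var parsedUrl = URL.parse(url, true);
  if (parsedUrl.protocol === "https:" && !parsedUrl.port) parsedUrl.port = 443;

  // Copy only the caller's own header fields so that inherited enumerable
  // properties are never sent on the wire.
  var realHeaders = {};
  if (headers) {
    for (var key in headers) {
      if (Object.prototype.hasOwnProperty.call(headers, key)) {
        realHeaders[key] = headers[key];
      }
    }
  }
  realHeaders['Host'] = parsedUrl.host;
  realHeaders['Content-Length'] = post_body ? Buffer.byteLength(post_body) : 0;

  if (access_token) {
    if (!parsedUrl.query) parsedUrl.query = {};
    // NOTE(security): the token travels in the URL query string, so it can end
    // up in server and proxy access logs. Treat logged request URLs as
    // sensitive, and prefer short-lived tokens where the provider allows it.
    parsedUrl.query[this._accessTokenName] = access_token;
  }

  var result = "";
  var queryStr = querystring.stringify(parsedUrl.query);
  if (queryStr) queryStr = "?" + queryStr;

  var options = {
    host: parsedUrl.hostname,
    port: parsedUrl.port,
    path: parsedUrl.pathname + queryStr,
    method: method,
    headers: realHeaders
  };

  // Some hosts *cough* google appear to close the connection early / send no
  // content-length header; allow this behaviour.
  var allowEarlyClose = OAuthUtils.isAnEarlyCloseHost(options.host);
  var callbackCalled = false;

  // Delivers the outcome exactly once, however many of close/end fire.
  function passBackControl(response, result) {
    if (callbackCalled) return;
    callbackCalled = true;
    if (response.statusCode !== 200 && response.statusCode !== 301 && response.statusCode !== 302) {
      callback({ statusCode: response.statusCode, data: result });
    } else {
      callback(null, result, response);
    }
  }

  var request = https.request(options, function(response) {
    // Decode as UTF-8 across chunk boundaries, so a multi-byte character split
    // between two chunks is not corrupted by the string concatenation below.
    response.setEncoding("utf8");
    response.on("data", function(chunk) {
      result += chunk;
    });
    response.on("close", function(err) {
      if (allowEarlyClose) {
        passBackControl(response, result);
      }
    });
    response.addListener("end", function() {
      passBackControl(response, result);
    });
  });

  request.on('error', function(e) {
    // An error can arrive after the response was already delivered; never
    // invoke the caller's callback a second time.
    if (callbackCalled) return;
    callbackCalled = true;
    callback(e);
  });

  if (method === 'POST' && post_body) {
    request.write(post_body);
  }
  request.end();
};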
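/**
 * Builds the URL the user agent is sent to in order to authorize this client.
 *
 * Everything in `params` ends up in a URL handed to the browser, so it must
 * never contain secrets. `client_id` and `type` are always set by this method
 * and override any values supplied by the caller.
 *
 * @param {Object} [params] - Extra query parameters (for example redirect_uri,
 *   scope or state). The object is not modified.
 * @returns {string} Base site + authorize path + "?" + encoded query string.
 */
exports.OAuth2.prototype.getAuthorizeUrl = function(params) {
  // Work on a copy, so the caller's object is left untouched and can be reused
  // safely for other calls.
  var supplied = params || {};
  var query = {};
  for (var key in supplied) {
    if (Object.prototype.hasOwnProperty.call(supplied, key)) {
      query[key] = supplied[key];
    }
  }
  query['client_id'] = this._clientId;
  query['type'] = 'web_server';
  return this._baseSite + this._authorizeUrl + "?" + querystring.stringify(query);
};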
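/**
 * Exchanges an authorization code for an access token (and a refresh token
 * when the provider returns one).
 *
 * The client id, client secret, `type=web_server` and the code are sent as a
 * form-encoded POST body to the token endpoint; these four always override
 * same-named entries in `params`.
 *
 * @param {string} code - Authorization code received on the redirect.
 * @param {Object} [params] - Extra form parameters. The object is not modified.
 * @param {function} callback - `(error)` on failure, otherwise
 *   `(null, access_token, refresh_token)`; either token is `undefined` when the
 *   response does not carry it.
 */
exports.OAuth2.prototype.getOAuthAccessToken = function(code, params, callback) {
  // Build the form from a copy. Writing client_secret into the caller's own
  // object would let the secret leak wherever that object is reused or logged,
  // for instance if it is later passed to getAuthorizeUrl.
  var supplied = params || {};
  var form = {};
  for (var key in supplied) {
    if (Object.prototype.hasOwnProperty.call(supplied, key)) {
      form[key] = supplied[key];
    }
  }
  form['client_id'] = this._clientId;
  form['client_secret'] = this._clientSecret;
  form['type'] = 'web_server';
  form['code'] = code;

  var post_data = querystring.stringify(form);
  var post_headers = {
    'Content-Type': 'application/x-www-form-urlencoded'
  };

  this._request("POST", this._getAccessTokenUrl(), post_headers, post_data, null, function(error, data, response) {
    if (error) {
      callback(error);
      return;
    }

    var results;
    try {
      // As of http://tools.ietf.org/html/draft-ietf-oauth-v2-07
      // responses should be in JSON
      results = JSON.parse(data);
    } catch (e) {
      // .... However both Facebook + Github currently use rev05 of the spec
      // and neither seem to specify a content-type correctly in their response headers :(
      // clients of these services will suffer a *minor* performance cost of the exception
      // being thrown
      results = querystring.parse(data);
    }
    // The body is remote input: valid JSON that is not an object (such as
    // `null`) must not throw on the property reads below.
    if (results === null || typeof results !== "object") {
      results = querystring.parse(data);
    }

    callback(null, results["access_token"], results["refresh_token"]);
  });
};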
/**
 * Deprecated. Fetches `url` with a GET request authorised by `access_token`.
 *
 * The token is forwarded to _request, which appends it to the URL's query
 * string.
 *
 * @param {string} url - Absolute URL of the protected resource.
 * @param {string} access_token - Token to attach to the request.
 * @param {function} callback - Passed straight through to _request.
 */
exports.OAuth2.prototype.getProtectedResource = function(url, access_token, callback) {
  var noExtraHeaders = {};
  var emptyBody = "";
  this._request("GET", url, noExtraHeaders, emptyBody, access_token, callback);
};
/**
 * Fetches `url` with a GET request authorised by `access_token`.
 *
 * The token is forwarded to _request, which appends it to the URL's query
 * string, so the full request URL should be treated as sensitive.
 *
 * @param {string} url - Absolute URL of the protected resource.
 * @param {string} access_token - Token to attach to the request.
 * @param {function} callback - Passed straight through to _request.
 */
exports.OAuth2.prototype.get = function(url, access_token, callback) {
  var noExtraHeaders = {};
  var emptyBody = "";
  this._request("GET", url, noExtraHeaders, emptyBody, access_token, callback);
};