OAuth2 getOAuthAccessToken now POSTs rather than GET as per the spec (v20)
This commit is contained in:
ciaranj
@ -22,16 +22,11 @@ exports.OAuth2.prototype.setAccessTokenName= function ( name ) {
|
||||
this._accessTokenName= name;
|
||||
}
|
||||
|
||||
exports.OAuth2.prototype._getAccessTokenUrl= function( params ) {
|
||||
var params= params || {};
|
||||
params['client_id'] = this._clientId;
|
||||
params['client_secret'] = this._clientSecret;
|
||||
params['type']= 'web_server';
|
||||
|
||||
return this._baseSite + this._accessTokenUrl + "?" + querystring.stringify(params);
|
||||
exports.OAuth2.prototype._getAccessTokenUrl= function() {
|
||||
return this._baseSite + this._accessTokenUrl; /* + "?" + querystring.stringify(params); */
|
||||
}
|
||||
|
||||
exports.OAuth2.prototype._request= function(method, url, headers, access_token, callback) {
|
||||
exports.OAuth2.prototype._request= function(method, url, headers, post_body, access_token, callback) {
|
||||
|
||||
var creds = crypto.createCredentials({ });
|
||||
var parsedUrl= URL.parse( url, true );
|
||||
@ -45,19 +40,19 @@ exports.OAuth2.prototype._request= function(method, url, headers, access_token,
|
||||
}
|
||||
realHeaders['Host']= parsedUrl.host;
|
||||
|
||||
//TODO: Content length should be dynamic when dealing with POST methods....
|
||||
realHeaders['Content-Length']= 0;
|
||||
realHeaders['Content-Length']= post_body ? Buffer.byteLength(post_body) : 0;
|
||||
if( access_token ) {
|
||||
if( ! parsedUrl.query ) parsedUrl.query= {};
|
||||
parsedUrl.query[this._accessTokenName]= access_token;
|
||||
}
|
||||
|
||||
var result= "";
|
||||
|
||||
var queryStr= querystring.stringify(parsedUrl.query);
|
||||
if( queryStr ) queryStr= "?" + queryStr;
|
||||
var options = {
|
||||
host:parsedUrl.hostname,
|
||||
port: parsedUrl.port,
|
||||
path: parsedUrl.pathname + "?" + querystring.stringify(parsedUrl.query),
|
||||
path: parsedUrl.pathname + queryStr,
|
||||
method: method,
|
||||
headers: realHeaders
|
||||
};
|
||||
@ -90,12 +85,14 @@ exports.OAuth2.prototype._request= function(method, url, headers, access_token,
|
||||
passBackControl( response, result );
|
||||
});
|
||||
});
|
||||
|
||||
request.on('error', function(e) {
|
||||
callbackCalled= true;
|
||||
callback(e);
|
||||
});
|
||||
|
||||
if( method == 'POST' && post_body ) {
|
||||
request.write(post_body);
|
||||
}
|
||||
request.end();
|
||||
}
|
||||
|
||||
@ -109,9 +106,19 @@ exports.OAuth2.prototype.getAuthorizeUrl= function( params ) {
|
||||
|
||||
exports.OAuth2.prototype.getOAuthAccessToken= function(code, params, callback) {
|
||||
var params= params || {};
|
||||
params['client_id'] = this._clientId;
|
||||
params['client_secret'] = this._clientSecret;
|
||||
params['type']= 'web_server';
|
||||
params['code']= code;
|
||||
|
||||
this._request("POST", this._getAccessTokenUrl(params), {}, null, function(error, data, response) {
|
||||
var post_data= querystring.stringify( params );
|
||||
var post_headers= {
|
||||
'Content-Type': 'application/x-www-form-urlencoded'
|
||||
};
|
||||
|
||||
|
||||
this._request("POST", this._getAccessTokenUrl(), post_headers, post_data, null, function(error, data, response) {
|
||||
console.log( 'e> ' + error)
|
||||
if( error ) callback(error);
|
||||
else {
|
||||
var results;
|
||||
@ -137,9 +144,9 @@ exports.OAuth2.prototype.getOAuthAccessToken= function(code, params, callback) {
|
||||
|
||||
// Deprecated
|
||||
exports.OAuth2.prototype.getProtectedResource= function(url, access_token, callback) {
|
||||
this._request("GET", url, {}, access_token, callback );
|
||||
this._request("GET", url, {}, "", access_token, callback );
|
||||
}
|
||||
|
||||
exports.OAuth2.prototype.get= function(url, access_token, callback) {
|
||||
this._request("GET", url, {}, access_token, callback );
|
||||
this._request("GET", url, {}, "", access_token, callback );
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user