diff --git a/Readme.md b/Readme.md index b003b33..c04ea75 100644 --- a/Readme.md +++ b/Readme.md @@ -10,7 +10,7 @@ Also provides rudimentary OAuth2 support, tested against facebook connect and gi Change History ============== -* 0.10.0 - OAuth2: Pass back any extra response data for calls to getOAuthAccessToken (Thanks to Tang Bo Hao) OAuth2: Don't force a https request if given a http url (Thanks to Damien Mathieu) +* 0.10.0 - OAuth2: Pass back any extra response data for calls to getOAuthAccessToken (Thanks to Tang Bo Hao) OAuth2: Don't force a https request if given a http url (Thanks to Damien Mathieu) OAuth2: Supports specifying a grant_type of 'refresh_token' (Thanks to Luke Baker) * 0.9.6 - Support for 302 redirects on OAuth2 (Thanks Patrick Negri). Some code tidying. ( Thanks to Raoul Millais ) * 0.9.5 - Allow usage of HTTP verbs other than GET for retrieving the access and request tokens (OAuth1) (Thanks to Raoul Millais) * 0.9.4 - Support for OAuth providers that drop connections (don't send response lengths? [Google]) And change OAuth2 getOAuthAccessToken to POST rather than GET ( Possible Breaking change!!! ... re-tested against Google, Github, Facebook, FourSquare and Janrain and seems ok .. is closer to the spec (v20) ) @@ -42,3 +42,4 @@ Contributors * Patrick Negri - http://github.com/pnegri * Tang Bo Hao - http://github.com/btspoony * Damien Mathieu - http://42.dmathieu.com +* Luke Baker - http://github.com/lukebaker diff --git a/lib/oauth2.js b/lib/oauth2.js index 4cfe290..191d3ef 100644 --- a/lib/oauth2.js +++ b/lib/oauth2.js @@ -118,7 +118,8 @@ exports.OAuth2.prototype.getOAuthAccessToken= function(code, params, callback) { params['client_id'] = this._clientId; params['client_secret'] = this._clientSecret; params['type']= 'web_server'; - params['code']= code; + var codeParam = (params.grant_type === 'refresh_token') ? 'refresh_token' : 'code'; + params[codeParam]= code; var post_data= querystring.stringify( params ); var post_headers= { diff --git a/tests/oauth2.js b/tests/oauth2.js index 1799d11..4eb47cd 100644 --- a/tests/oauth2.js +++ b/tests/oauth2.js @@ -3,8 +3,9 @@ var vows = require('vows'), OAuth2= require('../lib/oauth2').OAuth2; vows.describe('OAuth2').addBatch({ - 'When handling the access token response': { - topic: new OAuth2(), + 'Given an OAuth2 instance, ': { + topic: new OAuth2(), + 'When handling the access token response': { 'we should correctly extract the token if received as form-data': function (oa) { oa._request= function( method, url, fo, bar, bleh, callback) { callback(null, "access_token=access&refresh_token=refresh"); @@ -35,5 +36,32 @@ vows.describe('OAuth2').addBatch({ assert.equal( results.extra_2, "foo"); }); } + }, + 'When no grant_type parameter is specified': { + 'we should pass the value of the code argument as the code parameter': function(oa) { + oa._request= function(method, url, headers, post_body, access_token, callback) { + assert.isTrue( post_body.indexOf("code=xsds23") != -1 ) + } + oa.getOAuthAccessToken("xsds23", {} ); + } + }, + 'When an invalid grant_type parameter is specified': { + 'we should pass the value of the code argument as the code parameter': function(oa) { + oa._request= function(method, url, headers, post_body, access_token, callback) { + assert.isTrue( post_body.indexOf("code=xsds23") != -1 ) + } + oa.getOAuthAccessToken("xsds23", {grant_type:"refresh_toucan"} ); + } + }, + 'When a grant_type parameter of value "refresh_token" is specified': { + 'we should pass the value of the code argument as the refresh_token parameter, should pass a grant_type parameter, but shouldn\'t pass a code parameter' : function(oa) { + oa._request= function(method, url, headers, post_body, access_token, callback) { + assert.isTrue( post_body.indexOf("refresh_token=sdsds2") != -1 ) + assert.isTrue( post_body.indexOf("grant_type=refresh_token") != -1 ) + assert.isTrue( post_body.indexOf("code=") == -1 ) + } + oa.getOAuthAccessToken("sdsds2", {grant_type:"refresh_token"} ); + } + } } }).export(module); \ No newline at end of file