wiki-cafe/node-oauth
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'add_support_for_oauth2_token_refresh' into merge_mayhem

Browse Source
This commit is contained in:
ciaranj 2012-04-24 21:42:12 +01:00
commit 80d6909042
3 changed files with 34 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Readme.md
View File

@ -10,7 +10,7 @@ Also provides rudimentary OAuth2 support, tested against facebook connect and gi
Change History Change History
============== ==============
* 0.10.0 - OAuth2: Pass back any extra response data for calls to getOAuthAccessToken (Thanks to Tang Bo Hao) OAuth2: Don't force a https request if given a http url (Thanks to Damien Mathieu) * 0.10.0 - OAuth2: Pass back any extra response data for calls to getOAuthAccessToken (Thanks to Tang Bo Hao) OAuth2: Don't force a https request if given a http url (Thanks to Damien Mathieu) OAuth2: Supports specifying a grant_type of 'refresh_token' (Thanks to Luke Baker)
* 0.9.6 - Support for 302 redirects on OAuth2 (Thanks Patrick Negri). Some code tidying. ( Thanks to Raoul Millais ) * 0.9.6 - Support for 302 redirects on OAuth2 (Thanks Patrick Negri). Some code tidying. ( Thanks to Raoul Millais )
* 0.9.5 - Allow usage of HTTP verbs other than GET for retrieving the access and request tokens (OAuth1) (Thanks to Raoul Millais) * 0.9.5 - Allow usage of HTTP verbs other than GET for retrieving the access and request tokens (OAuth1) (Thanks to Raoul Millais)
* 0.9.4 - Support for OAuth providers that drop connections (don't send response lengths? [Google]) And change OAuth2 getOAuthAccessToken to POST rather than GET ( Possible Breaking change!!! ... re-tested against Google, Github, Facebook, FourSquare and Janrain and seems ok .. is closer to the spec (v20) ) * 0.9.4 - Support for OAuth providers that drop connections (don't send response lengths? [Google]) And change OAuth2 getOAuthAccessToken to POST rather than GET ( Possible Breaking change!!! ... re-tested against Google, Github, Facebook, FourSquare and Janrain and seems ok .. is closer to the spec (v20) )
@ -42,3 +42,4 @@ Contributors
* Patrick Negri - http://github.com/pnegri * Patrick Negri - http://github.com/pnegri
* Tang Bo Hao - http://github.com/btspoony * Tang Bo Hao - http://github.com/btspoony
* Damien Mathieu - http://42.dmathieu.com * Damien Mathieu - http://42.dmathieu.com
* Luke Baker - http://github.com/lukebaker

3
lib/oauth2.js
View File

@ -118,7 +118,8 @@ exports.OAuth2.prototype.getOAuthAccessToken= function(code, params, callback) {
params['client_id'] = this._clientId; params['client_id'] = this._clientId;
params['client_secret'] = this._clientSecret; params['client_secret'] = this._clientSecret;
params['type']= 'web_server'; params['type']= 'web_server';
params['code']= code; var codeParam = (params.grant_type === 'refresh_token') ? 'refresh_token' : 'code';
params[codeParam]= code;
var post_data= querystring.stringify( params ); var post_data= querystring.stringify( params );
var post_headers= { var post_headers= {

30
tests/oauth2.js
View File

@ -3,8 +3,9 @@ var vows = require('vows'),
OAuth2= require('../lib/oauth2').OAuth2; OAuth2= require('../lib/oauth2').OAuth2;
vows.describe('OAuth2').addBatch({ vows.describe('OAuth2').addBatch({
'When handling the access token response': { 'Given an OAuth2 instance, ': {
topic: new OAuth2(), topic: new OAuth2(),
'When handling the access token response': {
'we should correctly extract the token if received as form-data': function (oa) { 'we should correctly extract the token if received as form-data': function (oa) {
oa._request= function( method, url, fo, bar, bleh, callback) { oa._request= function( method, url, fo, bar, bleh, callback) {
callback(null, "access_token=access&refresh_token=refresh"); callback(null, "access_token=access&refresh_token=refresh");
@ -35,5 +36,32 @@ vows.describe('OAuth2').addBatch({
assert.equal( results.extra_2, "foo"); assert.equal( results.extra_2, "foo");
}); });
} }
},
'When no grant_type parameter is specified': {
'we should pass the value of the code argument as the code parameter': function(oa) {
oa._request= function(method, url, headers, post_body, access_token, callback) {
assert.isTrue( post_body.indexOf("code=xsds23") != -1 )
}
oa.getOAuthAccessToken("xsds23", {} );
}
},
'When an invalid grant_type parameter is specified': {
'we should pass the value of the code argument as the code parameter': function(oa) {
oa._request= function(method, url, headers, post_body, access_token, callback) {
assert.isTrue( post_body.indexOf("code=xsds23") != -1 )
}
oa.getOAuthAccessToken("xsds23", {grant_type:"refresh_toucan"} );
}
},
'When a grant_type parameter of value "refresh_token" is specified': {
'we should pass the value of the code argument as the refresh_token parameter, should pass a grant_type parameter, but shouldn\'t pass a code parameter' : function(oa) {
oa._request= function(method, url, headers, post_body, access_token, callback) {
assert.isTrue( post_body.indexOf("refresh_token=sdsds2") != -1 )
assert.isTrue( post_body.indexOf("grant_type=refresh_token") != -1 )
assert.isTrue( post_body.indexOf("code=") == -1 )
}
oa.getOAuthAccessToken("sdsds2", {grant_type:"refresh_token"} );
}
}
} }
}).export(module); }).export(module);