Oauth2

flitter-auth/controllers/Oauth2~ Oauth2

Provides default handlers for OAuth2 authorization and data retrieval


Constructor

new Oauth2()

Extends

Members

(private) _di_allow_defer :boolean

If true, the injector will defer the class if the class requests any services that the container is missing. These services are filled in later and added to the prototype and any instances. True by default.

Type:
  • boolean

(private) _di_deferred_instances :Array.<module:flitter-di/src/Injectable~Injectable>

Collection of instances of this class that need to have the deferred service instances injected into them when the deferred services are finally provided.

(private) _di_deferred_services :Array.<string>

List of services that were deferred and not provided at the time of injection.

Type:
  • Array.<string>

(static) services

Get the services required by this unit.

Methods

(private) _encode_uri(uri, code) → {URL}

Add the code to the URI's search query params as &code=.

Parameters:
Name Type Description
uri URL

the uri to modify

code string

the code to be added

Returns:
  • the modified uri
Type
URL

(async, private) _get_authorize_client(req) → {Promise.<(boolean|Oauth2Client)>}

Based on the request query's client_id and redirect_uri, try to fetch the Oauth2Client instance. If none is found (or invalid redirect URI), return false.

Parameters:
Name Type Description
req express/Request

the express request

Returns:
  • if valid params, return the corresponding client. Else, false.
Type
Promise.<(boolean|Oauth2Client)>

(private) _uniform(res, message, erroropt, dataopt)

Send a response in a uniform, JSON-encoded format: { success: Boolean, message: String, data: any }

Parameters:
Name Type Attributes Default Description
res express/Response

the response

message string

the message to send

error boolean <optional>
false

true if an error was encountered

data object <optional>
{}

data to be returned

(async) authorize_get(req, res, next) → {Promise.<*>}

Show the authorize request approval view to the user. This view is passed the Oauth2Client and the redirect URI as: {client: Oauth2Client, uri: URL}

Parameters:
Name Type Description
req express/Request
res express/Response
next function
Returns:
Type
Promise.<*>

(async) authorize_post(req, res, next) → {Promise.<*>}

Called when an authorization request has been approved. Generates a single-use authorization ticket for the client, adds that ticket's code to the redirect URI params, then redirects the user to the client application.

Parameters:
Name Type Description
req express/Request
res express/Response
next function
Returns:
Type
Promise.<*>

(async) data_user_get(req, res, next) → {Promise.<*>}

From the user authenticated by the request's bearer token, get the data elements configured in the auth.servers.oauth2.built_in_endpoints.user config and return them as a JSON object. Expects req.user.id to be set.

Parameters:
Name Type Description
req express/Request
res express/Response
next function
Returns:
Type
Promise.<*>

(async) redeem_token(req, res, next) → {Promise.<*>}

Redeem an authorization ticket for an OAuth2 bearer token.

Parameters:
Name Type Description
req express/Request
res express/Response
next function
Returns:
Type
Promise.<*>