Refactoring oauth token handling functions

revert-70aa11f8
dilanua 9 years ago
parent d05c6e2170
commit b72d099641

@ -17,45 +17,118 @@
*/ */
var apiWrapperUtil = function () { var apiWrapperUtil = function () {
// var log = new Log("/app/modules/api-wrapper-util.js"); var log = new Log("/app/modules/api-wrapper-util.js");
var tokenUtil = require("/app/modules/util.js")["util"]; var tokenUtil = require("/app/modules/util.js")["util"];
var constants = require("/app/modules/constants.js"); var constants = require("/app/modules/constants.js");
var devicemgtProps = require("/app/conf/reader/main.js")["conf"]; var devicemgtProps = require("/app/conf/reader/main.js")["conf"];
var privateMethods = {};
var publicMethods = {}; var publicMethods = {};
privateMethods.setUpEncodedTenantBasedClientCredentials = function (username) {
if (!username) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context. No username is found as input.");
} else {
var dynamicClientCredentials = tokenUtil.getDyanmicClientCredentials();
if (!dynamicClientCredentials) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context as the server is unable to obtain dynamic client credentials.");
} else {
var jwtToken = tokenUtil.getTokenWithJWTGrantType(dynamicClientCredentials);
if (!jwtToken) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context as the server is unable to obtain a jwt token.");
} else {
var tenantBasedClientCredentials = tokenUtil.getTenantBasedAppCredentials(username, jwtToken);
if (!tenantBasedClientCredentials) {
log.error("Could not set up encoded tenant based client credentials " +
"to session context as the server is unable to obtain such credentials.");
} else {
var encodedTenantBasedClientCredentials =
tokenUtil.encode(tenantBasedClientCredentials["clientId"] + ":" +
tenantBasedClientCredentials["clientSecret"]);
// setting up encoded tenant based client credentials to session context.
session.put(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"], encodedTenantBasedClientCredentials);
}
}
}
}
};
publicMethods.refreshToken = function () { publicMethods.refreshToken = function () {
var accessTokenPair = session.get(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"]); var accessTokenPair = parse(session.get(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"]));
// accessTokenPair includes current access token as well as current refresh token // accessTokenPair includes current access token as well as current refresh token
var encodedClientCredentials = session.get(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"]); var encodedClientCredentials = session.get(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"]);
accessTokenPair = tokenUtil.refreshToken(accessTokenPair, encodedClientCredentials); if (!accessTokenPair || !encodedClientCredentials) {
session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], accessTokenPair); log.error("Error in refreshing tokens. Either the access token pair, " +
"encoded client credentials or both input are not found under session context.");
} else {
var newAccessTokenPair = tokenUtil.refreshToken(accessTokenPair, encodedClientCredentials);
if (!newAccessTokenPair) {
log.error("Error in refreshing tokens. Unable to update " +
"session context with new access token pair.");
} else {
session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], stringify(newAccessTokenPair));
}
}
}; };
publicMethods.setupAccessTokenPair = function (type, properties) { publicMethods.setupAccessTokenPairByPasswordGrantType = function (username, password) {
var dynamicClientCredentials = tokenUtil.getDyanmicCredentials(properties); if (!username || !password) {
var jwtToken = tokenUtil.getTokenWithJWTGrantType(dynamicClientCredentials); log.error("Could not set up access token pair by password grant type. " +
var tenantBasedClientCredentials = tokenUtil.getTenantBasedAppCredentials(properties["username"], jwtToken); "Either username, password or both are missing as input.");
var encodedTenantBasedClientCredentials = tokenUtil. } else {
encode(tenantBasedClientCredentials["clientId"] + ":" + tenantBasedClientCredentials["clientSecret"]); privateMethods.setUpEncodedTenantBasedClientCredentials(username);
var encodedClientCredentials = session.get(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"]);
session.put(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"], encodedTenantBasedClientCredentials); if (!encodedClientCredentials) {
log.error("Could not set up access token pair by password grant type. " +
"Encoded client credentials are missing.");
} else {
var accessTokenPair; var accessTokenPair;
// accessTokenPair will include current access token as well as current refresh token // accessTokenPair will include current access token as well as current refresh token
if (type == constants["GRANT_TYPE_PASSWORD"]) {
var arrayOfScopes = devicemgtProps["scopes"]; var arrayOfScopes = devicemgtProps["scopes"];
var stringOfScopes = ""; var stringOfScopes = "";
arrayOfScopes.forEach(function (entry) { stringOfScopes += entry + " "; }); arrayOfScopes.forEach(function (entry) {
accessTokenPair = tokenUtil.getTokenWithPasswordGrantType(properties["username"], stringOfScopes += entry + " ";
encodeURIComponent(properties["password"]), encodedTenantBasedClientCredentials, stringOfScopes); });
} else if (type == constants["GRANT_TYPE_SAML"]) { accessTokenPair = tokenUtil.
accessTokenPair = tokenUtil.getTokenWithSAMLGrantType(properties["samlToken"], getTokenWithPasswordGrantType(username,
encodedTenantBasedClientCredentials, "PRODUCTION"); encodeURIComponent(password), encodedClientCredentials, stringOfScopes);
if (!accessTokenPair) {
log.error("Could not set up access token pair by password grant type. Error in token retrieval.");
} else {
// setting up access token pair into session context as a string
session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], stringify(accessTokenPair));
} }
}
}
};
session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], accessTokenPair); publicMethods.setupAccessTokenPairBySamlGrantType = function (username, samlToken) {
if (!username || !samlToken) {
log.error("Could not set up access token pair by saml grant type. " +
"Either username, samlToken or both are missing as input.");
} else {
privateMethods.setUpEncodedTenantBasedClientCredentials(username);
var encodedClientCredentials = session.get(constants["ENCODED_CLIENT_KEYS_IDENTIFIER"]);
if (!encodedClientCredentials) {
log.error("Could not set up access token pair by saml grant type. " +
"Encoded client credentials are missing.");
} else {
var accessTokenPair;
// accessTokenPair will include current access token as well as current refresh token
accessTokenPair = tokenUtil.
getTokenWithSAMLGrantType(samlToken, encodedClientCredentials, "PRODUCTION");
if (!accessTokenPair) {
log.error("Could not set up access token pair by password grant type. Error in token retrieval.");
} else {
// setting up access token pair into session context as a string
session.put(constants["ACCESS_TOKEN_PAIR_IDENTIFIER"], stringify(accessTokenPair));
}
}
}
}; };
return publicMethods; return publicMethods;
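Review bot: In both `setupAccessTokenPairByPasswordGrantType` and `setupAccessTokenPairBySamlGrantType`, the outcome of `privateMethods.setUpEncodedTenantBasedClientCredentials(username)` is inferred by re-reading `ENCODED_CLIENT_KEYS_IDENTIFIER` from the session, but the helper only logs on failure and never clears that key. If the session already holds encoded client credentials from an earlier call (possibly for a different username or tenant), a failed setup would go unnoticed and the token request would proceed with the stale value. Consider having the helper return the encoded credentials (or `null` on any failure) and using that in the callers, e.g. `var encodedClientCredentials = privateMethods.setUpEncodedTenantBasedClientCredentials(username);`. Separately, the token-retrieval failure message in the SAML function still reads "by password grant type", which will mislead log triage; it should be `"Could not set up access token pair by saml grant type. Error in token retrieval."`. The enclosing `apiWrapperUtil` closure ends outside this hunk.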
