mirror of
https://github.com/meteor/meteor.git
synced 2026-05-02 03:01:46 -04:00
105 lines
2.9 KiB
JavaScript
105 lines
2.9 KiB
JavaScript
OAuth.registerService("meteor-developer", 2, null, async query => {
|
|
const response = await getTokens(query);
|
|
const { accessToken } = response;
|
|
const identity = await getIdentity(accessToken);
|
|
|
|
const serviceData = {
|
|
accessToken: OAuth.sealSecret(accessToken),
|
|
expiresAt: (+new Date) + (1000 * response.expiresIn)
|
|
};
|
|
|
|
Object.assign(serviceData, identity);
|
|
|
|
// only set the token in serviceData if it's there. this ensures
|
|
// that we don't lose old ones (since we only get this on the first
|
|
// log in attempt)
|
|
if (response.refreshToken)
|
|
serviceData.refreshToken = OAuth.sealSecret(response.refreshToken);
|
|
|
|
return {
|
|
serviceData,
|
|
options: {profile: {name: serviceData.username}}
|
|
// XXX use username for name until meteor accounts has a profile with a name
|
|
};
|
|
});
|
|
|
|
// returns an object containing:
|
|
// - accessToken
|
|
// - expiresIn: lifetime of token in seconds
|
|
// - refreshToken, if this is the first authorization request and we got a
|
|
// refresh token from the server
|
|
const getTokens = async (query) => {
|
|
const config = await ServiceConfiguration.configurations.findOneAsync({
|
|
service: 'meteor-developer',
|
|
});
|
|
if (!config) {
|
|
throw new ServiceConfiguration.ConfigError();
|
|
}
|
|
|
|
const body = OAuth._addValuesToQueryParams({
|
|
grant_type: 'authorization_code',
|
|
code: query.code,
|
|
client_id: config.clientId,
|
|
client_secret: OAuth.openSecret(config.secret),
|
|
redirect_uri: OAuth._redirectUri('meteor-developer', config),
|
|
}).toString();
|
|
|
|
return OAuth._fetch(
|
|
MeteorDeveloperAccounts._server + '/oauth2/token',
|
|
'POST',
|
|
{
|
|
headers: {
|
|
Accept: 'application/json',
|
|
'Content-type': 'application/x-www-form-urlencoded',
|
|
},
|
|
body,
|
|
}
|
|
)
|
|
.then((data) => data.json())
|
|
.then((data) => {
|
|
if (data.error) {
|
|
throw new Error(
|
|
'Failed to complete OAuth handshake with Meteor developer accounts. ' +
|
|
(data ? data.error : 'No response data')
|
|
);
|
|
}
|
|
return {
|
|
accessToken: data.access_token,
|
|
refreshToken: data.refresh_token,
|
|
expiresIn: data.expires_in,
|
|
};
|
|
})
|
|
.catch((err) => {
|
|
throw Object.assign(
|
|
new Error(
|
|
`Failed to complete OAuth handshake with Meteor developer accounts. ${err.message}`
|
|
),
|
|
{ response: err.response }
|
|
);
|
|
});
|
|
};
|
|
|
|
const getIdentity = async (accessToken) => {
|
|
return OAuth._fetch(
|
|
`${MeteorDeveloperAccounts._server}/api/v1/identity`,
|
|
'GET',
|
|
{
|
|
headers: { Authorization: `Bearer ${accessToken}` },
|
|
}
|
|
)
|
|
.then((data) => data.json())
|
|
.catch((err) => {
|
|
throw Object.assign(
|
|
new Error(
|
|
'Failed to fetch identity from Meteor developer accounts. ' +
|
|
err.message
|
|
),
|
|
{ response: err.response }
|
|
);
|
|
});
|
|
};
|
|
|
|
MeteorDeveloperAccounts.retrieveCredential =
|
|
(credentialToken, credentialSecret) =>
|
|
OAuth.retrieveCredential(credentialToken, credentialSecret);
|