Last active
December 27, 2018 18:58
Git Examples using oauth2-client-shell (https://github.com/neverendingqs/oauth2-client-shell)
$ git grep --break -p authCodeScope | |
src/lib/utility.js=module.exports = { | |
src/lib/utility.js: authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE, | |
src/lib/views.js=var index = function(req, cookie, error) { | |
src/lib/views.js: authCodeScope: cookie.authCodeScope, | |
src/server.js=app.post('/auth', function(req, res) { | |
src/server.js: cookie.authCodeScope = req.body.scope; | |
src/server.js: + "&scope=" + cookie.authCodeScope | |
src/views/index.ejs: <input type="text" class="form-control" name="scope" id="auth-code-scope" placeholder="profile" value="<%= authCodeScope %>"></input> |
$ git log -L /cookieFromDefaults/,/^}/:src/lib/utility.js | |
commit 66333d76ab569d778229fb8b675fb1364f05360a | |
Author: Mark Tse <neverendingqs@users.noreply.github.com> | |
Date: Sat Nov 12 21:37:49 2016 -0500 | |
ci - adding cookie to smoke test and adding new test for reset. (#41) | |
diff --git a/src/lib/utility.js b/src/lib/utility.js | |
--- a/src/lib/utility.js | |
+++ b/src/lib/utility.js | |
@@ -1,16 +6,11 @@ | |
-module.exports = { | |
- getRedirectUri: function(req) { | |
- return req.protocol + "://" + req.headers.host + "/"; | |
- }, | |
- | |
- cookieFromDefaults: function() { | |
- return { | |
- authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE, | |
- authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT, | |
- clientId: process.env.DEFAULT_CLIENT_ID, | |
- clientSecret: process.env.DEFAULT_CLIENT_SECRET, | |
- customParams: process.env.DEFAULT_CUSTOM_PARAMS, | |
- tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT | |
- }; | |
- } | |
-}; | |
+ cookieFromDefaults: function() { | |
+ return { | |
+ authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE, | |
+ authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT, | |
+ clientId: process.env.DEFAULT_CLIENT_ID, | |
+ clientSecret: process.env.DEFAULT_CLIENT_SECRET, | |
+ customParams: process.env.DEFAULT_CUSTOM_PARAMS, | |
+ tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT | |
+ }; | |
+ } | |
+}; | |
commit 1cb3a5ce5314ad4cae1c7bce04594cd461eaaf73 | |
Author: Mark Tse <neverendingqs@users.noreply.github.com> | |
Date: Sat Nov 5 20:30:28 2016 -0400 | |
app - preventing defaults from being modified. (#38) | |
diff --git a/lib/utility.js b/lib/utility.js | |
--- a/lib/utility.js | |
+++ b/lib/utility.js | |
@@ -1,14 +1,16 @@ | |
module.exports = { | |
getRedirectUri: function(req) { | |
return req.protocol + "://" + req.headers.host + "/"; | |
}, | |
- cookieFromDefaults: { | |
- authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE, | |
- authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT, | |
- clientId: process.env.DEFAULT_CLIENT_ID, | |
- clientSecret: process.env.DEFAULT_CLIENT_SECRET, | |
- customParams: process.env.DEFAULT_CUSTOM_PARAMS, | |
- tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT | |
+ cookieFromDefaults: function() { | |
+ return { | |
+ authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE, | |
+ authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT, | |
+ clientId: process.env.DEFAULT_CLIENT_ID, | |
+ clientSecret: process.env.DEFAULT_CLIENT_SECRET, | |
+ customParams: process.env.DEFAULT_CUSTOM_PARAMS, | |
+ tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT | |
+ }; | |
} | |
}; | |
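Review bot: `clientSecret: process.env.DEFAULT_CLIENT_SECRET` sits in an object whose name says it seeds the browser cookie, so a secret configured on the server would presumably be handed to every visitor of the instance. The same field appears in the hunks of commits 66333d7 and fafb346 on this page. Returning a fresh object per call fixes the shared-mutation problem but not that exposure. If the default is meant only for single-user local runs, a comment above the field such as `// copied into the client cookie; set DEFAULT_CLIENT_SECRET only on instances you alone can reach` would make the constraint explicit. The call sites are outside this hunk, so the cookie path is inferred from the name.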
commit fafb3464965b2a438129aa3b950233296cd013e5 | |
Author: Mark Tse <neverendingqs@users.noreply.github.com> | |
Date: Sat Aug 13 15:03:55 2016 -0400 | |
Added support for pre-populating form inputs. (#33) | |
diff --git a/lib/utility.js b/lib/utility.js | |
--- a/lib/utility.js | |
+++ b/lib/utility.js | |
@@ -1,5 +1,14 @@ | |
module.exports = { | |
getRedirectUri: function(req) { | |
return req.protocol + "://" + req.headers.host + "/"; | |
+ }, | |
+ | |
+ cookieFromDefaults: { | |
+ authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE, | |
+ authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT, | |
+ clientId: process.env.DEFAULT_CLIENT_ID, | |
+ clientSecret: process.env.DEFAULT_CLIENT_SECRET, | |
+ customParams: process.env.DEFAULT_CUSTOM_PARAMS, | |
+ tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT | |
} | |
}; | |
commit 57e1f3b0c056fc61f94defc9958f7fac628d95c2 | |
Author: Mark Tse <neverendingqs@users.noreply.github.com> | |
Date: Fri Jul 8 22:56:43 2016 -0400 | |
Listing redirect URI onto page; resolves #20. (#21) | |
diff --git a/lib/utility.js b/lib/utility.js | |
--- /dev/null | |
+++ b/lib/utility.js | |
@@ -0,0 +1,5 @@ | |
+module.exports = { | |
+ getRedirectUri: function(req) { | |
+ return req.protocol + "://" + req.headers.host + "/"; | |
+ } | |
+}; |
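Review bot: `getRedirectUri` builds the URI from `req.headers.host`, which the client controls, and from `req.protocol`, which reports `http` behind a TLS-terminating proxy unless Express's `trust proxy` setting is configured. The authorization server should reject an unregistered redirect_uri, but the tool then displays and sends a value that does not match the deployment. A configured base URL with the header as fallback avoids both problems, e.g. `return (process.env.BASE_URL || req.protocol + "://" + req.headers.host) + "/";`, where `BASE_URL` is a placeholder name. The same expression is repeated inline on the `redirect_uri` lines of the `/refresh` and `/token` hunks further down the page.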
$ git log -p -S cookieOptions | |
commit 66493bddb73f027b209572495c7b4aa242eddc62 | |
Author: Mark Tse <neverendingqs@users.noreply.github.com> | |
Date: Sun Nov 13 17:40:34 2016 -0500 | |
test - code fix; fixing up tests to always check for csrf token; enriching auth code response test. (#46) | |
diff --git a/src/server.js b/src/server.js | |
index 6c01333..bf1b4c9 100755 | |
--- a/src/server.js | |
+++ b/src/server.js | |
@@ -59,6 +59,7 @@ app.get('/', function(req, res) { | |
} | |
cookie.authCode = req.query.code; | |
cookie.focus = "user-tokens"; | |
+ res.cookie(cookieName, cookie, cookieOptions); | |
} | |
res.render('index', views.index(req, cookie)); | |
commit 0a4213ed92d61f56a204cc5298b59e2330a42487 | |
Author: Mark Tse <mark.tse@neverendingqs.com> | |
Date: Mon Jul 4 17:30:16 2016 -0400 | |
Added functionality to trade in refresh token; resolves #9. | |
diff --git a/server.js b/server.js | |
index 2bdcd18..33e8458 100755 | |
--- a/server.js | |
+++ b/server.js | |
@@ -100,6 +100,41 @@ app.post('/token', function(req, res) { | |
}) | |
}); | |
+app.post('/refresh', function(req, res) { | |
+ var cookie = req.cookies[cookieName] || {}; | |
+ cookie.tokenEndpoint = req.body.token_endpoint; | |
+ cookie.refreshToken = req.body.refresh_token; | |
+ cookie.clientId = req.body.client_id; | |
+ cookie.clientSecret = req.body.client_secret; | |
+ cookie.accessToken = null; | |
+ res.cookie(cookieName, cookie, cookieOptions); | |
+ | |
+ var payload = { | |
+ grant_type: "refresh_token", | |
+ redirect_uri: req.protocol + "://" + req.headers.host + "/", | |
+ refresh_token: cookie.refreshToken | |
+ }; | |
+ | |
+ request | |
+ .post(cookie.tokenEndpoint) | |
+ .auth(cookie.clientId, cookie.clientSecret) | |
+ .type('form') | |
+ .send(payload) | |
+ .end(function(err, postResponse) { | |
+ if (err) { | |
+ console.log("Error trading in refresh token:") | |
+ console.log(err); | |
+ res.redirect('/?error=' + JSON.stringify(postResponse.body)); | |
+ } else { | |
+ cookie.accessToken = postResponse.body.access_token; | |
+ cookie.refreshToken = postResponse.body.refresh_token || cookie.refreshToken; | |
+ res.cookie(cookieName, cookie, cookieOptions); | |
+ | |
+ res.redirect('/'); | |
+ } | |
+ }) | |
+}); | |
+ | |
app.listen(port); | |
console.log(`Started on port ${port}.`); | |
console.log(`Running with cookieOptions.secure == ${cookieOptions.secure}.`); | |
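Review bot: In the `/refresh` error branch, `postResponse.body` is read even though `postResponse` can be undefined on a transport failure (DNS, refused connection), which would throw inside the callback instead of redirecting. The JSON is also appended to the URL unencoded, so the `error` parameter can be cut short or split into extra parameters by characters in the upstream response. Something like `var detail = postResponse ? postResponse.body : { error: String(err) };` followed by `res.redirect('/?error=' + encodeURIComponent(JSON.stringify(detail)));` covers both. Separately, the handler POSTs the client credentials to whatever `req.body.token_endpoint` contains; on an instance reachable by others, requiring an `https:` URL and refusing internal addresses would limit server-side request forgery.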
commit 45f63fda59921edf4d5bb43ac36a9aeb4b68da9f | |
Author: Mark Tse <mark.tse@neverendingqs.com> | |
Date: Sun Jul 3 23:53:49 2016 -0400 | |
Added button for clearing authorization code and tokens. | |
diff --git a/server.js b/server.js | |
index 2cdde22..4f65fc9 100755 | |
--- a/server.js | |
+++ b/server.js | |
@@ -28,6 +28,12 @@ app.get('/', function(req, res) { | |
if (req.query.reset === "true") { | |
res.cookie(cookieName, "", { expires: new Date() }); | |
res.render('index', views.index({})); | |
+ } else if (req.query.clear === "true") { | |
+ cookie.authCode = null; | |
+ cookie.accessToken = null; | |
+ cookie.refreshToken = null; | |
+ res.cookie(cookieName, cookie, cookieOptions); | |
+ res.render('index', views.index(cookie)); | |
} else if (req.query.state && req.query.state !== state) { | |
var error = `Authorization endpoint sent back the wrong state! Expected '${req.query.state} but got '${state}' from the server.`; | |
res.render('index', views.index(cookie, error)); | |
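Review bot: The new `clear=true` branch changes stored state on a GET, nulling the code and tokens and rewriting the cookie, so a cross-site link or image pointing at `/?clear=true` can wipe a user's saved values. Impact is low, but handling it as a POST alongside the other form actions would let it share whatever CSRF protection those receive. The branch sits inside the `app.get('/')` handler, which starts and ends outside this hunk.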
commit dcc7d3c2bd28d353c235e413e53acea4bf417358 | |
Author: Mark Tse <mark.tse@neverendingqs.com> | |
Date: Sat Jul 2 22:08:29 2016 -0400 | |
Added functionality for trading in an authorization code for an access token. | |
diff --git a/server.js b/server.js | |
index 5d7568a..bf648ad 100755 | |
--- a/server.js | |
+++ b/server.js | |
@@ -2,6 +2,7 @@ var cookieName = "oAuth2ClientShell"; | |
var express = require('express'); | |
var cookieParser = require('cookie-parser') | |
+var request = require('superagent'); | |
var port = process.env.PORT || 3000; | |
var cookieOptions = { | |
@@ -30,7 +31,11 @@ app.get('/', function(req, res) { | |
authCode: cookie.authCode, | |
authEndpoint: cookie.authEndpoint, | |
clientId: cookie.clientId, | |
- scope: cookie.scope | |
+ scope: cookie.scope, | |
+ tokenEndpoint: cookie.tokenEndpoint, | |
+ clientSecret: cookie.clientSecret, | |
+ accessToken: cookie.accessToken, | |
+ refreshToken: cookie.refreshToken | |
}; | |
res.render('index', locals); | |
@@ -41,18 +46,62 @@ app.get('/auth', function(req, res) { | |
cookie.authEndpoint = req.query.auth_endpoint; | |
cookie.clientId = req.query.client_id; | |
cookie.scope = req.query.scope; | |
- | |
res.cookie(cookieName, cookie, cookieOptions); | |
- var authCodeRequest = req.query.auth_endpoint | |
+ var authCodeRequest = cookie.authEndpoint | |
+ "?response_type=code" | |
+ "&redirect_uri=" + req.protocol + "://" + req.headers.host + "/" | |
- + "&client_id=" + req.query.client_id | |
- + "&scope=" + req.query.scope; | |
+ + "&client_id=" + cookie.clientId | |
+ + "&scope=" + cookie.scope; | |
res.redirect(authCodeRequest); | |
}); | |
+app.get('/token', function(req, res) { | |
+ var cookie = req.cookies[cookieName] || {}; | |
+ cookie.tokenEndpoint = req.query.token_endpoint; | |
+ cookie.authCode = req.query.auth_code; | |
+ cookie.clientId = req.query.client_id; | |
+ cookie.clientSecret = req.query.client_secret; | |
+ res.cookie(cookieName, cookie, cookieOptions); | |
+ | |
+ var payload = { | |
+ grant_type: "authorization_code", | |
+ redirect_uri: req.protocol + "://" + req.headers.host + "/", | |
+ client_id: cookie.clientId, | |
+ client_secret: cookie.clientSecret, | |
+ code: cookie.authCode | |
+ }; | |
+ | |
+ request.post(cookie.tokenEndpoint) | |
+ .type('form') | |
+ .send(payload) | |
+ .end(function(err, postResponse) { | |
+ if (err) { | |
+ console.log("Error trading in authorization code:") | |
+ console.log(err); | |
+ // TODO: return with proper error message | |
+ } | |
+ | |
+ cookie.accessToken = postResponse.body.access_token; | |
+ cookie.refreshToken = postResponse.body.refresh_token || "Not provided by token endpoint."; | |
+ res.cookie(cookieName, cookie, cookieOptions); | |
+ | |
+ var locals = { | |
+ authCode: cookie.authCode, | |
+ authEndpoint: cookie.authEndpoint, | |
+ clientId: cookie.clientId, | |
+ scope: cookie.scope, | |
+ tokenEndpoint: cookie.tokenEndpoint, | |
+ clientSecret: cookie.clientSecret, | |
+ accessToken: cookie.accessToken, | |
+ refreshToken: cookie.refreshToken | |
+ }; | |
+ | |
+ res.render('index', locals); | |
+ }) | |
+}); | |
+ | |
app.listen(port); | |
console.log(`Started on port ${port}.`); | |
console.log(`Running with cookieOptions.secure == ${cookieOptions.secure}.`); | |
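Review bot: The `.end` callback in `/token` logs `err` and then falls through to `postResponse.body.access_token`, so a failed exchange either throws when `postResponse` is undefined or writes `undefined` tokens into the cookie and renders as if it had succeeded. The `if (err)` block should stop there, e.g. `return res.status(502).send("Token request failed.");`, which also resolves the TODO. The route is a GET that reads `client_secret` and `auth_code` from `req.query`, so both end up in URLs, browser history and access logs; a POST body keeps them out. The `/auth` redirect concatenates `cookie.scope` and the redirect URI without `encodeURIComponent`, which breaks multi-value scopes and lets a crafted scope add parameters. The hunk starts partway through the `/auth` handler.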
commit b60a5c1c7bf3505616ba83a20cb0bf7a960d12ff | |
Author: Mark Tse <mark.tse@neverendingqs.com> | |
Date: Sat Jul 2 16:04:11 2016 -0400 | |
Securing cookies in production. | |
diff --git a/server.js b/server.js | |
index db9f86e..5d7568a 100755 | |
--- a/server.js | |
+++ b/server.js | |
@@ -4,6 +4,10 @@ var express = require('express'); | |
var cookieParser = require('cookie-parser') | |
var port = process.env.PORT || 3000; | |
+var cookieOptions = { | |
+ httpOnly: true, | |
+ secure: process.env.NODE_ENV === 'production' | |
+}; | |
var app = express(); | |
app.set('view engine', 'ejs'); | |
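Review bot: `secure` is true only when `NODE_ENV` is exactly `'production'`, so a deployment that forgets the variable silently serves the cookie over plain HTTP. Other hunks on this page show that cookie carrying the client secret and tokens. Inverting the test fails closed, `secure: process.env.NODE_ENV !== 'development'`, at the cost of requiring local runs to set the variable. The options also leave `sameSite` unset; `sameSite: 'lax'` would keep the cookie off cross-site subrequests, provided the Express version in use supports the option.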
@@ -38,7 +42,7 @@ app.get('/auth', function(req, res) { | |
cookie.clientId = req.query.client_id; | |
cookie.scope = req.query.scope; | |
- res.cookie(cookieName, cookie); | |
+ res.cookie(cookieName, cookie, cookieOptions); | |
var authCodeRequest = req.query.auth_endpoint | |
+ "?response_type=code" | |
@@ -51,3 +55,4 @@ app.get('/auth', function(req, res) { | |
app.listen(port); | |
console.log(`Started on port ${port}.`); | |
+console.log(`Running with cookieOptions.secure == ${cookieOptions.secure}.`); |