@neverendingqs
Last active December 27, 2018 18:58
Git Examples using oauth2-client-shell (https://github.com/neverendingqs/oauth2-client-shell)
$ git grep --break -p authCodeScope
src/lib/utility.js=module.exports = {
src/lib/utility.js: authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE,
src/lib/views.js=var index = function(req, cookie, error) {
src/lib/views.js: authCodeScope: cookie.authCodeScope,
src/server.js=app.post('/auth', function(req, res) {
src/server.js: cookie.authCodeScope = req.body.scope;
src/server.js: + "&scope=" + cookie.authCodeScope
src/views/index.ejs: <input type="text" class="form-control" name="scope" id="auth-code-scope" placeholder="profile" value="<%= authCodeScope %>"></input>
$ git log -L /cookieFromDefaults/,/^}/:src/lib/utility.js
commit 66333d76ab569d778229fb8b675fb1364f05360a
Author: Mark Tse <neverendingqs@users.noreply.github.com>
Date: Sat Nov 12 21:37:49 2016 -0500
ci - adding cookie to smoke test and adding new test for reset. (#41)
diff --git a/src/lib/utility.js b/src/lib/utility.js
--- a/src/lib/utility.js
+++ b/src/lib/utility.js
@@ -1,16 +6,11 @@
-module.exports = {
- getRedirectUri: function(req) {
- return req.protocol + "://" + req.headers.host + "/";
- },
-
- cookieFromDefaults: function() {
- return {
- authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE,
- authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT,
- clientId: process.env.DEFAULT_CLIENT_ID,
- clientSecret: process.env.DEFAULT_CLIENT_SECRET,
- customParams: process.env.DEFAULT_CUSTOM_PARAMS,
- tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT
- };
- }
-};
+ cookieFromDefaults: function() {
+ return {
+ authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE,
+ authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT,
+ clientId: process.env.DEFAULT_CLIENT_ID,
+ clientSecret: process.env.DEFAULT_CLIENT_SECRET,
+ customParams: process.env.DEFAULT_CUSTOM_PARAMS,
+ tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT
+ };
+ }
+};
commit 1cb3a5ce5314ad4cae1c7bce04594cd461eaaf73
Author: Mark Tse <neverendingqs@users.noreply.github.com>
Date: Sat Nov 5 20:30:28 2016 -0400
app - preventing defaults from being modified. (#38)
diff --git a/lib/utility.js b/lib/utility.js
--- a/lib/utility.js
+++ b/lib/utility.js
@@ -1,14 +1,16 @@
module.exports = {
getRedirectUri: function(req) {
return req.protocol + "://" + req.headers.host + "/";
},
- cookieFromDefaults: {
- authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE,
- authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT,
- clientId: process.env.DEFAULT_CLIENT_ID,
- clientSecret: process.env.DEFAULT_CLIENT_SECRET,
- customParams: process.env.DEFAULT_CUSTOM_PARAMS,
- tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT
+ cookieFromDefaults: function() {
+ return {
+ authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE,
+ authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT,
+ clientId: process.env.DEFAULT_CLIENT_ID,
+ clientSecret: process.env.DEFAULT_CLIENT_SECRET,
+ customParams: process.env.DEFAULT_CUSTOM_PARAMS,
+ tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT
+ };
}
};
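Review bot: The new `cookieFromDefaults` function has no comment saying why it returns a fresh object on each call, which is the whole reason for the change. The route handlers in server.js assign onto the cookie object (for example `cookie.clientId = ...`), so a shared object literal would let one request's values become the defaults for the next visitor. I would add above it: `// Build a new object per call; handlers mutate the cookie, and a shared object would leak one user's values into everyone's defaults.`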
commit fafb3464965b2a438129aa3b950233296cd013e5
Author: Mark Tse <neverendingqs@users.noreply.github.com>
Date: Sat Aug 13 15:03:55 2016 -0400
Added support for pre-populating form inputs. (#33)
diff --git a/lib/utility.js b/lib/utility.js
--- a/lib/utility.js
+++ b/lib/utility.js
@@ -1,5 +1,14 @@
module.exports = {
getRedirectUri: function(req) {
return req.protocol + "://" + req.headers.host + "/";
+ },
+
+ cookieFromDefaults: {
+ authCodeScope: process.env.DEFAULT_AUTH_CODE_SCOPE,
+ authEndpoint: process.env.DEFAULT_AUTH_ENDPOINT,
+ clientId: process.env.DEFAULT_CLIENT_ID,
+ clientSecret: process.env.DEFAULT_CLIENT_SECRET,
+ customParams: process.env.DEFAULT_CUSTOM_PARAMS,
+ tokenEndpoint: process.env.DEFAULT_TOKEN_ENDPOINT
}
};
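Review bot: `clientSecret: process.env.DEFAULT_CLIENT_SECRET` puts a server-side secret into the defaults that, judging by the name and the view code, seed the browser cookie and the pre-populated form. If so, every visitor to a deployment that sets this variable can read the secret. If that is meant only for single-user or local use, say so next to the line, e.g. `// DEFAULT_CLIENT_SECRET is sent to every visitor; set it only on private deployments.`; otherwise drop the field from the defaults.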
commit 57e1f3b0c056fc61f94defc9958f7fac628d95c2
Author: Mark Tse <neverendingqs@users.noreply.github.com>
Date: Fri Jul 8 22:56:43 2016 -0400
Listing redirect URI onto page; resolves #20. (#21)
diff --git a/lib/utility.js b/lib/utility.js
--- /dev/null
+++ b/lib/utility.js
@@ -0,0 +1,5 @@
+module.exports = {
+ getRedirectUri: function(req) {
+ return req.protocol + "://" + req.headers.host + "/";
+ }
+};
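Review bot: `getRedirectUri` builds the OAuth redirect URI from `req.protocol` and `req.headers.host`, both taken from the request, so a forged Host header or a TLS-terminating proxy produces a redirect URI the operator did not intend. Behind a proxy, `req.protocol` reports `http` unless Express's `trust proxy` setting is enabled, so the value would no longer match the registered redirect URI. Consider preferring a configured base URL when one is set and using the request values only for local use. A comment above the function should state that assumption.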
$ git log -p -S cookieOptions
commit 66493bddb73f027b209572495c7b4aa242eddc62
Author: Mark Tse <neverendingqs@users.noreply.github.com>
Date: Sun Nov 13 17:40:34 2016 -0500
test - code fix; fixing up tests to always check for csrf token; enriching auth code response test. (#46)
diff --git a/src/server.js b/src/server.js
index 6c01333..bf1b4c9 100755
--- a/src/server.js
+++ b/src/server.js
@@ -59,6 +59,7 @@ app.get('/', function(req, res) {
}
cookie.authCode = req.query.code;
cookie.focus = "user-tokens";
+ res.cookie(cookieName, cookie, cookieOptions);
}
res.render('index', views.index(req, cookie));
commit 0a4213ed92d61f56a204cc5298b59e2330a42487
Author: Mark Tse <mark.tse@neverendingqs.com>
Date: Mon Jul 4 17:30:16 2016 -0400
Added functionality to trade in refresh token; resolves #9.
diff --git a/server.js b/server.js
index 2bdcd18..33e8458 100755
--- a/server.js
+++ b/server.js
@@ -100,6 +100,41 @@ app.post('/token', function(req, res) {
})
});
+app.post('/refresh', function(req, res) {
+ var cookie = req.cookies[cookieName] || {};
+ cookie.tokenEndpoint = req.body.token_endpoint;
+ cookie.refreshToken = req.body.refresh_token;
+ cookie.clientId = req.body.client_id;
+ cookie.clientSecret = req.body.client_secret;
+ cookie.accessToken = null;
+ res.cookie(cookieName, cookie, cookieOptions);
+
+ var payload = {
+ grant_type: "refresh_token",
+ redirect_uri: req.protocol + "://" + req.headers.host + "/",
+ refresh_token: cookie.refreshToken
+ };
+
+ request
+ .post(cookie.tokenEndpoint)
+ .auth(cookie.clientId, cookie.clientSecret)
+ .type('form')
+ .send(payload)
+ .end(function(err, postResponse) {
+ if (err) {
+ console.log("Error trading in refresh token:")
+ console.log(err);
+ res.redirect('/?error=' + JSON.stringify(postResponse.body));
+ } else {
+ cookie.accessToken = postResponse.body.access_token;
+ cookie.refreshToken = postResponse.body.refresh_token || cookie.refreshToken;
+ res.cookie(cookieName, cookie, cookieOptions);
+
+ res.redirect('/');
+ }
+ })
+});
+
app.listen(port);
console.log(`Started on port ${port}.`);
console.log(`Running with cookieOptions.secure == ${cookieOptions.secure}.`);
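Review bot: In the `err` branch of the `/refresh` callback, `postResponse.body` is read without checking that a response exists. On a connection failure or timeout superagent may call back without a response object (worth confirming for the version in use), and the handler would then throw instead of redirecting. The JSON is also concatenated into the URL unencoded. `var detail = postResponse ? postResponse.body : { message: err.message };` followed by `res.redirect('/?error=' + encodeURIComponent(JSON.stringify(detail)));` covers both. Separately, `token_endpoint` comes from the request body and is fetched server-side with no scheme or host restriction, so on a shared deployment a caller can make the server send requests to internal addresses; an allow-list or an `https:`-only check is worth considering.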
commit 45f63fda59921edf4d5bb43ac36a9aeb4b68da9f
Author: Mark Tse <mark.tse@neverendingqs.com>
Date: Sun Jul 3 23:53:49 2016 -0400
Added button for clearing authorization code and tokens.
diff --git a/server.js b/server.js
index 2cdde22..4f65fc9 100755
--- a/server.js
+++ b/server.js
@@ -28,6 +28,12 @@ app.get('/', function(req, res) {
if (req.query.reset === "true") {
res.cookie(cookieName, "", { expires: new Date() });
res.render('index', views.index({}));
+ } else if (req.query.clear === "true") {
+ cookie.authCode = null;
+ cookie.accessToken = null;
+ cookie.refreshToken = null;
+ res.cookie(cookieName, cookie, cookieOptions);
+ res.render('index', views.index(cookie));
} else if (req.query.state && req.query.state !== state) {
var error = `Authorization endpoint sent back the wrong state! Expected '${req.query.state} but got '${state}' from the server.`;
res.render('index', views.index(cookie, error));
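Review bot: The new `clear=true` branch changes state on a GET request, so any cross-site link, image tag or prefetcher that loads `/?clear=true` wipes the visitor's stored code and tokens without their intent. Moving the action to a POST form, covered by whatever CSRF check the project applies to its other forms, would avoid that. The branch also leaves `cookie.clientSecret` in place, which matches the commit title but deserves a short comment such as `// Client credentials are kept on purpose; only the code and tokens are cleared.` The handler's body starts and ends outside the hunk.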
commit dcc7d3c2bd28d353c235e413e53acea4bf417358
Author: Mark Tse <mark.tse@neverendingqs.com>
Date: Sat Jul 2 22:08:29 2016 -0400
Added functionality for trading in an authorization code for an access token.
diff --git a/server.js b/server.js
index 5d7568a..bf648ad 100755
--- a/server.js
+++ b/server.js
@@ -2,6 +2,7 @@ var cookieName = "oAuth2ClientShell";
var express = require('express');
var cookieParser = require('cookie-parser')
+var request = require('superagent');
var port = process.env.PORT || 3000;
var cookieOptions = {
@@ -30,7 +31,11 @@ app.get('/', function(req, res) {
authCode: cookie.authCode,
authEndpoint: cookie.authEndpoint,
clientId: cookie.clientId,
- scope: cookie.scope
+ scope: cookie.scope,
+ tokenEndpoint: cookie.tokenEndpoint,
+ clientSecret: cookie.clientSecret,
+ accessToken: cookie.accessToken,
+ refreshToken: cookie.refreshToken
};
res.render('index', locals);
@@ -41,18 +46,62 @@ app.get('/auth', function(req, res) {
cookie.authEndpoint = req.query.auth_endpoint;
cookie.clientId = req.query.client_id;
cookie.scope = req.query.scope;
-
res.cookie(cookieName, cookie, cookieOptions);
- var authCodeRequest = req.query.auth_endpoint
+ var authCodeRequest = cookie.authEndpoint
+ "?response_type=code"
+ "&redirect_uri=" + req.protocol + "://" + req.headers.host + "/"
- + "&client_id=" + req.query.client_id
- + "&scope=" + req.query.scope;
+ + "&client_id=" + cookie.clientId
+ + "&scope=" + cookie.scope;
res.redirect(authCodeRequest);
});
+app.get('/token', function(req, res) {
+ var cookie = req.cookies[cookieName] || {};
+ cookie.tokenEndpoint = req.query.token_endpoint;
+ cookie.authCode = req.query.auth_code;
+ cookie.clientId = req.query.client_id;
+ cookie.clientSecret = req.query.client_secret;
+ res.cookie(cookieName, cookie, cookieOptions);
+
+ var payload = {
+ grant_type: "authorization_code",
+ redirect_uri: req.protocol + "://" + req.headers.host + "/",
+ client_id: cookie.clientId,
+ client_secret: cookie.clientSecret,
+ code: cookie.authCode
+ };
+
+ request.post(cookie.tokenEndpoint)
+ .type('form')
+ .send(payload)
+ .end(function(err, postResponse) {
+ if (err) {
+ console.log("Error trading in authorization code:")
+ console.log(err);
+ // TODO: return with proper error message
+ }
+
+ cookie.accessToken = postResponse.body.access_token;
+ cookie.refreshToken = postResponse.body.refresh_token || "Not provided by token endpoint.";
+ res.cookie(cookieName, cookie, cookieOptions);
+
+ var locals = {
+ authCode: cookie.authCode,
+ authEndpoint: cookie.authEndpoint,
+ clientId: cookie.clientId,
+ scope: cookie.scope,
+ tokenEndpoint: cookie.tokenEndpoint,
+ clientSecret: cookie.clientSecret,
+ accessToken: cookie.accessToken,
+ refreshToken: cookie.refreshToken
+ };
+
+ res.render('index', locals);
+ })
+});
+
app.listen(port);
console.log(`Started on port ${port}.`);
console.log(`Running with cookieOptions.secure == ${cookieOptions.secure}.`);
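Review bot: The new `/token` route is a GET that reads `client_secret` and `auth_code` from `req.query`, so both end up in browser history, proxy and server access logs, and possibly Referer headers. Submitting the form with POST and reading `req.body` keeps them out of URLs. In the superagent callback the `err` branch only logs and then falls through to `postResponse.body.access_token`, which throws when there is no response and otherwise stores `undefined` as the token; return after reporting the error, e.g. `return res.redirect('/?error=' + encodeURIComponent(err.message));`. The values appended to `authCodeRequest` in the `/auth` handler are also unencoded; wrapping each in `encodeURIComponent(...)` stops a scope or client ID containing `&` from altering the authorization request.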
commit b60a5c1c7bf3505616ba83a20cb0bf7a960d12ff
Author: Mark Tse <mark.tse@neverendingqs.com>
Date: Sat Jul 2 16:04:11 2016 -0400
Securing cookies in production.
diff --git a/server.js b/server.js
index db9f86e..5d7568a 100755
--- a/server.js
+++ b/server.js
@@ -4,6 +4,10 @@ var express = require('express');
var cookieParser = require('cookie-parser')
var port = process.env.PORT || 3000;
+var cookieOptions = {
+ httpOnly: true,
+ secure: process.env.NODE_ENV === 'production'
+};
var app = express();
app.set('view engine', 'ejs');
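Review bot: `cookieOptions` sets `httpOnly` and `secure` but no `sameSite` or lifetime, and `secure` is true only when `NODE_ENV` is exactly `'production'`, so a deployment that forgets the variable silently serves the cookie over plain HTTP. The cookie holds the client ID and scope here and, on the evidence of the other commits on this page, later the client secret and tokens as well. I would add `sameSite: 'lax',` if the Express version in use supports it (lax still allows the authorization server's top-level redirect back), and consider defaulting `secure` to true with an explicit opt-out for local development. A one-line comment stating what the cookie contains would help reviewers judge these flags.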
@@ -38,7 +42,7 @@ app.get('/auth', function(req, res) {
cookie.clientId = req.query.client_id;
cookie.scope = req.query.scope;
- res.cookie(cookieName, cookie);
+ res.cookie(cookieName, cookie, cookieOptions);
var authCodeRequest = req.query.auth_endpoint
+ "?response_type=code"
@@ -51,3 +55,4 @@ app.get('/auth', function(req, res) {
app.listen(port);
console.log(`Started on port ${port}.`);
+console.log(`Running with cookieOptions.secure == ${cookieOptions.secure}.`);