node-oauth2-server
Advanced tools
node-oauth2-server - npm Package Compare versions
Comparing version 2.1.0 to 2.1.1
@@ -114,2 +114,6 @@ /** | ||
| return done(error('invalid_client', 'Invalid client credentials')); | ||
| } else if (Array.isArray(client.redirectUri)) { | ||
| if (client.redirectUri.indexOf(self.redirectUri) === -1) { | ||
| return done(error('invalid_request', 'redirect_uri does not match')); | ||
| } | ||
| } else if (client.redirectUri !== self.redirectUri) { | ||
@@ -116,0 +120,0 @@ return done(error('invalid_request', 'redirect_uri does not match')); |
@@ -453,4 +453,4 @@ /** | ||
| if (this.continueAfterResponse) | ||
| if (this.config.continueAfterResponse) | ||
| done(); | ||
| } |
| { | ||
| "name": "node-oauth2-server", | ||
| "description": "Complete, compliant and well tested module for implementing an OAuth2 Server/Provider with express in node.js", | ||
| "version": "2.1.0", | ||
| "version": "2.1.1", | ||
| "keywords": [ | ||
@@ -10,4 +10,4 @@ "oauth", | ||
| "author": { | ||
| "name": "NightWorld", | ||
| "email": "code@nightworld.com" | ||
| "name": "Thom Seddon", | ||
| "email": "thom@seddonmedia.co.uk" | ||
| }, | ||
@@ -17,3 +17,3 @@ "contributors": [ | ||
| "name": "Thom Seddon", | ||
| "email": "thom@nightworld.com" | ||
| "email": "thom@seddonmedia.co.uk" | ||
| } | ||
@@ -20,0 +20,0 @@ ], |
@@ -258,3 +258,3 @@ # Node OAuth2 Server [](https://travis-ci.org/thomseddon/node-oauth2-server) | ||
| To obtain a token you should POST to `/oauth/token`. You should include your client credentials in | ||
| the Authorization header ("Basic " + client_id:client_secret base4'd), and then grant_type ("password"), | ||
| the Authorization header ("Basic " + client_id:client_secret base64'd), and then grant_type ("password"), | ||
| username and password in the request body, for example: | ||
@@ -261,0 +261,0 @@ |
@@ -104,3 +104,3 @@ /** | ||
| it('should detect mismatching redirect_uri', function (done) { | ||
| it('should detect mismatching redirect_uri with a string', function (done) { | ||
| var app = bootstrap({ | ||
@@ -125,2 +125,62 @@ getClient: function (clientId, clientSecret, callback) { | ||
| it('should detect mismatching redirect_uri within an array', function (done) { | ||
| var app = bootstrap({ | ||
| getClient: function (clientId, clientSecret, callback) { | ||
| callback(false, { | ||
| clientId: 'thom', | ||
| redirectUri: ['http://nightworld.com','http://dayworld.com'] | ||
| }); | ||
| } | ||
| }); | ||
| request(app) | ||
| .post('/authorise') | ||
| .send({ | ||
| response_type: 'code', | ||
| client_id: 'thom', | ||
| redirect_uri: 'http://wrong.com' | ||
| }) | ||
| .expect(400, /redirect_uri does not match/i, done); | ||
| }); | ||
| it('should accept a valid redirect_uri within an array', function (done) { | ||
| var app = bootstrap({ | ||
| getClient: function (clientId, clientSecret, callback) { | ||
| callback(false, { | ||
| clientId: 'thom', | ||
| redirectUri: ['http://nightworld.com','http://dayworld.com'] | ||
| }); | ||
| } | ||
| }); | ||
| request(app) | ||
| .post('/authorise') | ||
| .send({ | ||
| response_type: 'code', | ||
| client_id: 'thom', | ||
| redirect_uri: 'http://nightworld.com' | ||
| }) | ||
| .expect(302, /Moved temporarily/i, done); | ||
| }); | ||
| it('should accept a valid redirect_uri with a string', function (done) { | ||
| var app = bootstrap({ | ||
| getClient: function (clientId, clientSecret, callback) { | ||
| callback(false, { | ||
| clientId: 'thom', | ||
| redirectUri: 'http://nightworld.com' | ||
| }); | ||
| } | ||
| }); | ||
| request(app) | ||
| .post('/authorise') | ||
| .send({ | ||
| response_type: 'code', | ||
| client_id: 'thom', | ||
| redirect_uri: 'http://nightworld.com' | ||
| }) | ||
| .expect(302, /Moved temporarily/i, done); | ||
| }); | ||
| it('should detect user access denied', function (done) { | ||
@@ -235,4 +295,2 @@ var app = bootstrap({ | ||
| it('should continue after success response if continueAfterResponse = true', function (done) { | ||
| var code; | ||
| var app = bootstrap({ | ||
@@ -246,4 +304,2 @@ getClient: function (clientId, clientSecret, callback) { | ||
| saveAuthCode: function (authCode, clientId, expires, user, callback) { | ||
| should.exist(authCode); | ||
| code = authCode; | ||
| callback(); | ||
@@ -250,0 +306,0 @@ } |
@@ -482,4 +482,42 @@ /** | ||
| }); | ||
| it('should continue after success response if continueAfterResponse1 = true', function (done) { | ||
| var app = bootstrap({ | ||
| model: { | ||
| getClient: function (id, secret, callback) { | ||
| callback(false, { clientId: 'thom' }); | ||
| }, | ||
| grantTypeAllowed: function (clientId, grantType, callback) { | ||
| callback(false, true); | ||
| }, | ||
| getUser: function (uname, pword, callback) { | ||
| callback(false, { id: 1 }); | ||
| }, | ||
| saveAccessToken: function (token, clientId, expires, user, cb) { | ||
| cb(); | ||
| } | ||
| }, | ||
| grants: ['password'], | ||
| continueAfterResponse: true | ||
| }); | ||
| var hit = false; | ||
| app.all('*', function (req, res, done) { | ||
| hit = true; | ||
| }); | ||
| request(app) | ||
| .post('/oauth/token') | ||
| .set('Content-Type', 'application/x-www-form-urlencoded') | ||
| .send(validBody) | ||
| .expect(200) | ||
| .end(function (err, res) { | ||
| if (err) return done(err); | ||
| hit.should.equal(true); | ||
| done(); | ||
| }); | ||
| }); | ||
| }); | ||
| }); |
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by2.02%
144984
- Lines of code
- increased by2.65%
3451