
oauth20-provider


oauth20-provider - npm Package Compare versions

Comparing version 0.3.4 to 0.3.5

14

lib/controller/token/password.js
var
async = require('async'),
response = require('./../../util/response.js'),
error = require('./../../error');

@@ -45,4 +44,2 @@

cb(new error.invalidClient('User not found'));
else if (!oauth2.model.user.checkPassword(obj, password))
cb(new error.invalidClient('Wrong user password provided'));
else {

@@ -55,2 +52,13 @@ oauth2.logger.debug('User fetched: ', obj);

},
// Check provided password
function(cb) {
oauth2.model.user.checkPassword(user, password, function(err, valid) {
if (err)
cb(new error.serverError('Failed to call user:checkPassword method'));
else if (!valid)
cb(new error.invalidClient('Wrong user password provided'));
else
cb();
});
},
// Remove old refreshToken (if exists) with userId-clientId pair

@@ -57,0 +65,0 @@ function(cb) {
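Review bot: The added password step answers a failed check with `'Wrong user password provided'` while the earlier branch answers `'User not found'`, so the token endpoint still tells a caller whether a username exists. One shared reply for both cases, e.g. `cb(new error.invalidClient('Invalid user credentials'));`, removes that enumeration signal. The `if (err)` branch also drops `err` itself, so a failing password backend leaves no trace; a line such as `oauth2.logger.debug('user:checkPassword failed: ', err);` before the callback would keep the cause. The surrounding step list starts and ends outside the hunk, so where `user` is assigned is not visible here.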

@@ -16,6 +16,6 @@ var

if (!pieces || pieces.length !== 2)
return response.error(req.oauth2, res, new error.accessDenied('Wrong authorization header'));
return response.error(req, res, new error.accessDenied('Wrong authorization header'));
// Only bearer auth is supported
if (pieces[0].toLowerCase() != 'bearer')
return response.error(req.oauth2, res, new error.accessDenied('Unsupported authorization method header'));
return response.error(req, res, new error.accessDenied('Unsupported authorization method header'));
token = pieces[1].toLowerCase();

@@ -22,0 +22,0 @@ req.oauth2.logger.debug('Bearer token parsed from authorization header: ', token);
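Review bot: `token = pieces[1].toLowerCase();` folds the bearer token to lower case before lookup; this edit leaves it untouched, but bearer tokens are case-sensitive strings (RFC 6750), so lowercasing shrinks the effective token space and would accept any case variant of a stored lower-case token. Unless the token generator is known to emit lower-case characters only (not visible here), `token = pieces[1];` is the safer form. The debug line named in the following hunk header writes the full token to the log; logging a short prefix or a hash of it instead keeps usable credentials out of log files. Which of the paired `response.error(req.oauth2, …)` / `response.error(req, …)` lines is the new side cannot be told from this rendering.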

@@ -45,8 +45,8 @@ var

* @param password {String} Password to be checked
* @param cb {Function} Function callback -> (error, boolean) If input is correct
*/
module.exports.checkPassword = function(user, password) {
module.exports.checkPassword = function(user, password, cb) {
/**
* For example:
* if (user.password != superHashFunction(password)) return true;
* else false;
* In case of sync check function use:
* (user.password == superHashFunction(password)) ? cb(null, true) : cb(null, false);
*/

@@ -53,0 +53,0 @@ throw new error.serverError('User model method "checkPassword" is not implemented');
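Review bot: The documented contract for `checkPassword` changes from a returned boolean to a callback, yet the doc comment never says the return value is now ignored, so a model written for 0.3.4 that still returns the comparison result never calls `cb` and the password grant waits forever (it fails closed, but it hangs). I would add a line to the block such as `* The return value is ignored; cb must be called exactly once.` and mention the change in the release notes, since the version only moves at patch level. The example `user.password == superHashFunction(password)` is also worth rewording to point at a salted password-hashing function with its own verify call, because a plain `==` on digests is not constant-time. Judging by the hunk header that follows, the default stub still uses `throw` rather than `cb(err)`; that body is outside the visible lines.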

{
"name": "oauth20-provider",
"version": "0.3.4",
"version": "0.3.5",
"description": "OAuth 2.0 provider toolkit for nodeJS",

@@ -5,0 +5,0 @@ "keywords": ["oauth", "oauth2", "provider", "server", "connect", "express", "middleware", "http", "api", "rest"],

@@ -63,7 +63,12 @@ var TYPE = 'memory'; // Pg, redis, mongodb also available for example

if (err) next(err);
else if (!user || !model.oauth2.user.checkPassword(user, req.body.password)) res.redirect(req.url);
else {
req.session.user = user;
req.session.authorized = true;
res.redirect(backUrl);
model.oauth2.user.checkPassword(user, req.body.password, function(err, valid) {
if (err) next(err);
else if (!valid) res.redirect(req.url);
else {
req.session.user = user;
req.session.authorized = true;
res.redirect(backUrl);
}
});
}

@@ -70,0 +75,0 @@ });
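Review bot: The `!user` guard seems to disappear together with the old `else if` line: going by the hunk's line counts (7 old, 12 new), the new branch reads `if (err) next(err); else { model.oauth2.user.checkPassword(user, …) }`, so an unknown username reaches `checkPassword` with an empty `user`, and the sample models in this release read `user.password` directly, which would throw. Restoring `else if (!user) res.redirect(req.url);` ahead of the `else {` keeps the earlier behaviour. Separately, `req.session.authorized = true` is set on the session that existed before login; if the session middleware offers a regenerate call, using it at this point avoids session fixation. The handler's opening lines and the origin of `backUrl` are outside the hunk.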

@@ -21,4 +21,4 @@ var users = require('./../../data.js').users;

module.exports.checkPassword = function(user, password) {
return (user.password == password);
module.exports.checkPassword = function(user, password, cb) {
(user.password == password) ? cb(null, true) : cb(null, false);
};

@@ -25,0 +25,0 @@
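Review bot: `(user.password == password) ? cb(null, true) : cb(null, false);` compares a stored plaintext password with a loose, early-exit `==`, and the same line appears in the next file section (`@@ -43,4 +43,4 @@`). These look like sample models, and sample code is what integrators copy, so a comment above it such as `// Demo only: store a salted password hash and verify it with the hashing library's compare function` is worth adding in both files. As a style point, the ternary used as a statement reads more plainly as `cb(null, user.password === password);`.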

@@ -43,4 +43,4 @@ var

module.exports.checkPassword = function(user, password) {
return (user.password == password);
module.exports.checkPassword = function(user, password, cb) {
(user.password == password) ? cb(null, true) : cb(null, false);
};

@@ -47,0 +47,0 @@

Sorry, the diff of this file is not supported yet
