diff --git a/lib/config.js b/lib/config.js index bf57b9c..ac25d50 100644 --- a/lib/config.js +++ b/lib/config.js @@ -34,6 +34,8 @@ var Config = function () { this.providers[provider][type] = value; } else if (key === 'REDIRECT_URI') { this.redirect_uri = value; + } else if (key == 'REDIRECT_METHOD') { + this.redirect_method = value; } else if (key === 'REDIRECT_CLIENT_URI') { this.redirect_client_uri = value; } else if (key === 'TOKEN_SECRET') { @@ -55,6 +57,7 @@ var Config = function () { result.provider = provider; } result.token_secret = this.token_secret; + result.redirect_method = this.redirect_method; return result; } }]); diff --git a/lib/provider.js b/lib/provider.js index 1412206..d63392c 100644 --- a/lib/provider.js +++ b/lib/provider.js 
@@ -31,53 +31,52 @@ var Provider = exports.Provider = function () { this.config = config; } + /** + * SignIn - Performs the sign-in operation + * @param input_params - Object with parameters to pass to the authorize request client_id, redirect_uri and signin_uri are required keys. + * @param callback - Callback Function + */ + + _createClass(Provider, [{ key: 'signin', - value: function signin(_ref, callback) { - var signin_uri = _ref.signin_uri; - var scope = _ref.scope; - var state = _ref.state; - var response_type = _ref.response_type; - var _config = this.config; - var id = _config.id; - var redirect_uri = _config.redirect_uri; - - var params = { - client_id: id, - redirect_uri: redirect_uri + value: function signin(input_params, callback) { + var params = { //Add Static Components + client_id: encodeURIComponent(this.config.id), + redirect_uri: encodeURIComponent(this.config.redirect_uri) }; - if (response_type) { - params.response_type = response_type; - } - if (scope) { - params.scope = scope; - } - if (state) { - params.state = state; + + //Cycles through all input_params, ands adds to params with proper encoding + for (var key in input_params) { + //Pull all items out of ref & properly encode them + if (!input_params.hasOwnProperty(key)) continue; // skip loop if from prototype + params[key] = encodeURIComponent(input_params[key]); } + delete params['signin_uri']; //Remove since for URL, not for param + if (!params.client_id || !params.redirect_uri) { callback('Invalid sign in params. 
' + params.client_id + ' ' + params.redirect_uri); } else { - var url = _utils.Utils.urlBuilder(signin_uri, params); + var url = _utils.Utils.urlBuilder(input_params.signin_uri, params); callback(null, { url: url }); } } }, { key: 'callback', - value: function callback(_ref2, _ref3, additionalParams, cb) { - var code = _ref2.code; - var state = _ref2.state; - var authorization_uri = _ref3.authorization_uri; - var profile_uri = _ref3.profile_uri; - var profileMap = _ref3.profileMap; - var authorizationMethod = _ref3.authorizationMethod; - var authorization = additionalParams.authorization; - var profile = additionalParams.profile; - var _config2 = this.config; - var id = _config2.id; - var redirect_uri = _config2.redirect_uri; - var secret = _config2.secret; - var provider = _config2.provider; + value: function callback(_ref, _ref2, additionalParams, cb) { + var code = _ref.code, + state = _ref.state; + var authorization_uri = _ref2.authorization_uri, + profile_uri = _ref2.profile_uri, + profileMap = _ref2.profileMap, + authorizationMethod = _ref2.authorizationMethod; + var authorization = additionalParams.authorization, + profile = additionalParams.profile; + var _config = this.config, + id = _config.id, + redirect_uri = _config.redirect_uri, + secret = _config.secret, + provider = _config.provider; var attemptAuthorize = function attemptAuthorize() { @@ -114,9 +113,8 @@ var Provider = exports.Provider = function () { reject(new Error('No access data')); } - var _JSON$parse = JSON.parse(accessData); - - var access_token = _JSON$parse.access_token; + var _JSON$parse = JSON.parse(accessData), + access_token = _JSON$parse.access_token; var url = _utils.Utils.urlBuilder(profile_uri, Object.assign({ access_token: access_token }, profile)); _request2.default.get(url, function (error, httpResponse, profileData) { 
@@ -131,7 +129,7 @@ var Provider = exports.Provider = function () { var mappedProfile = profileMap ? profileMap(profileJson) : profileJson; resolve(mappedProfile); } - }); + }).auth(null, null, true, access_token); //Add Bearer Token to Request }); }; diff --git a/lib/utils.js b/lib/utils.js index db89758..2f40592 100644 --- a/lib/utils.js +++ b/lib/utils.js @@ -102,11 +102,12 @@ var Utils = exports.Utils = function () { }, { key: 'tokenResponse', value: function tokenResponse(data, _ref, callback) { - var redirect_client_uri = _ref.redirect_client_uri; - var token_secret = _ref.token_secret; - var _data$authorizationTo = data.authorizationToken; - var payload = _data$authorizationTo.payload; - var options = _data$authorizationTo.options; + var redirect_client_uri = _ref.redirect_client_uri, + redirect_method = _ref.redirect_method, + token_secret = _ref.token_secret; + var _data$authorizationTo = data.authorizationToken, + payload = _data$authorizationTo.payload, + options = _data$authorizationTo.options; var params = { authorizationToken: this.createToken(payload, token_secret, options) 
@@ -119,9 +120,37 @@ var Utils = exports.Utils = function () { } } } + var result = { + url: redirect_client_uri, + method: redirect_method, + form: this.getRedirectForm(redirect_client_uri, redirect_method, params) + }; + if (redirect_method !== 'POST') { + //Leave Default Behavior + result.url = this.urlBuilder(result.url, params); + } + return callback(null, result); + } - var url = this.urlBuilder(redirect_client_uri, params); - return callback(null, { url: url }); + /** + * getRedirection Form - Takes a given target, HTTP Method, and params and creates a form that will auto-submit on page load. + * @param action - The location where the form should be submitted. + * @param method - The HTTP Method to use for the submission. + * @param params - An object of name/values to set the name/values of a hidden for for. + * @returns {string} - The HTML of a webpage which will submit the params to the action using the method on page load. + */ + + }, { + key: 'getRedirectForm', + value: function getRedirectForm(action, method, params) { + var html = "Redirecting..."; + html += "
"; + for (var name in params) { + if (!params.hasOwnProperty(name)) continue; + html += ""; + } + html += "
"; + return html; } /** diff --git a/src/config.js b/src/config.js index ae5c05b..51b89c5 100644 --- a/src/config.js +++ b/src/config.js @@ -20,7 +20,9 @@ class Config { } this.providers[provider][type] = value; } else if (key === 'REDIRECT_URI') { - this.redirect_uri = value; + this.redirect_uri = value; + } else if (key == 'REDIRECT_METHOD') { + this.redirect_method = value; } else if (key === 'REDIRECT_CLIENT_URI') { this.redirect_client_uri = value; } else if (key === 'TOKEN_SECRET') { @@ -40,6 +42,7 @@ class Config { result.provider = provider; } result.token_secret = this.token_secret; + result.redirect_method = this.redirect_method; return result; } } diff --git a/src/provider.js b/src/provider.js index d1ad8a2..8921c59 100644 --- a/src/provider.js +++ b/src/provider.js 
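Review bot: The new `REDIRECT_METHOD` branch in `src/config.js` stores the value exactly as given and compares the key with `==`, where every neighbouring branch uses `===`. Later in this diff `tokenResponse` tests `redirect_method !== 'POST'` literally, so a value such as `post` or ` POST` silently keeps the default behaviour and the authorization token stays in the redirect URL's query string. I would write `} else if (key === 'REDIRECT_METHOD') {` and `this.redirect_method = String(value).trim().toUpperCase();`, and reject anything other than `GET` or `POST` when the config is loaded. The enclosing function starts and ends outside the hunk.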
@@ -10,25 +10,28 @@ export class Provider { this.config = config; } - signin({ signin_uri, scope, state, response_type }, callback) { - const { id, redirect_uri } = this.config; - const params = { - client_id: id, - redirect_uri + /** + * SignIn - Performs the sign-in operation + * @param input_params - Object with parameters to pass to the authorize request client_id, redirect_uri and signin_uri are required keys. + * @param callback - Callback Function + */ + signin(input_params, callback) { + const params = { //Add Static Components + client_id: encodeURIComponent(this.config.id), + redirect_uri: encodeURIComponent(this.config.redirect_uri) }; - if (response_type) { - params.response_type = response_type; - } - if (scope) { - params.scope = scope; - } - if (state) { - params.state = state; + + //Cycles through all input_params, ands adds to params with proper encoding + for (var key in input_params) { //Pull all items out of ref & properly encode them + if (!input_params.hasOwnProperty(key)) continue;// skip loop if from prototype + params[key] = encodeURIComponent(input_params[key]); } + delete params['signin_uri']; //Remove since for URL, not for param + if (!params.client_id || !params.redirect_uri) { callback(`Invalid sign in params. ${params.client_id} ${params.redirect_uri}`); } else { - const url = Utils.urlBuilder(signin_uri, params); + const url = Utils.urlBuilder(input_params.signin_uri, params); callback(null, { url }); } } @@ -86,7 +89,7 @@ export class Provider { const mappedProfile = profileMap ? profileMap(profileJson) : profileJson; resolve(mappedProfile); } - }); + }).auth(null, null, true, access_token);//Add Bearer Token to Request }); attemptAuthorize() diff --git a/src/utils.js b/src/utils.js index 489b8db..13bbb2c 100644 --- a/src/utils.js +++ b/src/utils.js 
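Review bot: In `signin`, the guard `if (!params.client_id || !params.redirect_uri)` can no longer fire for a missing config value, because `encodeURIComponent(undefined)` returns the truthy string `'undefined'`; validate `this.config.id` and `this.config.redirect_uri` before encoding them. The loop then copies every own key of `input_params` over `params`, so a caller-supplied `client_id` or `redirect_uri` replaces the configured one; if `input_params` is ever filled from request data, the request gets to choose where the provider sends the authorization response. The doc comment lists those keys as required in `input_params`, so if the override is intended it should be stated there; otherwise set the configured values after the loop, as below. It is also worth confirming that `Utils.urlBuilder` does not encode again, since values are now encoded before they reach it. The same points apply to the transpiled `lib/provider.js` hunk.

```javascript
signin(input_params, callback) {
  const { id, redirect_uri } = this.config;
  // Check the raw values: encodeURIComponent(undefined) is the truthy string 'undefined'.
  if (!id || !redirect_uri) {
    return callback(`Invalid sign in params. ${id} ${redirect_uri}`);
  }
  const params = {};
  for (const key of Object.keys(input_params)) {
    if (key === 'signin_uri') continue; // used as the URL, not as a parameter
    params[key] = encodeURIComponent(input_params[key]);
  }
  // Configured values are written last so caller input cannot replace them.
  params.client_id = encodeURIComponent(id);
  params.redirect_uri = encodeURIComponent(redirect_uri);
  // … unchanged: Utils.urlBuilder(input_params.signin_uri, params) and the success callback …
```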
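Review bot: Sending the token with `.auth(null, null, true, access_token)` does not remove it from the URL: the context of the `lib/provider.js` hunk in this diff still builds the profile URL with `Object.assign({ access_token: access_token }, profile)`, and the matching source line sits outside this hunk. Tokens carried in query strings tend to end up in proxy and server access logs, so once the bearer header is sent I would build the URL from `profile` alone, or keep the query parameter only for providers known to require it. The enclosing promise callback starts outside the hunk.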
@@ -61,7 +61,7 @@ export class Utils { * @param config {redirect_client_uri {string}, token_secret {string}} * @param callback {function} callback function e.g. context.done */ - static tokenResponse(data, { redirect_client_uri, token_secret }, callback) { + static tokenResponse(data, { redirect_client_uri, redirect_method, token_secret }, callback) { const { payload, options } = data.authorizationToken; const params = { authorizationToken: this.createToken(payload, token_secret, options) @@ -74,9 +74,33 @@ export class Utils { } } } + var result = { + url : redirect_client_uri, + method : redirect_method, + form : this.getRedirectForm(redirect_client_uri, redirect_method, params) + }; + if(redirect_method !== 'POST'){ //Leave Default Behavior + result.url = this.urlBuilder(result.url, params); + } + return callback(null, result); + } - const url = this.urlBuilder(redirect_client_uri, params); - return callback(null, { url }); + /** + * getRedirection Form - Takes a given target, HTTP Method, and params and creates a form that will auto-submit on page load. + * @param action - The location where the form should be submitted. + * @param method - The HTTP Method to use for the submission. + * @param params - An object of name/values to set the name/values of a hidden for for. + * @returns {string} - The HTML of a webpage which will submit the params to the action using the method on page load. + */ + static getRedirectForm(action, method, params){ + var html = "Redirecting..."; + html += "
"; + for (var name in params) { + if(!params.hasOwnProperty(name)) continue; + html += ""; + } + html += "
" + return html; } /**
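Review bot: `getRedirectForm` builds the page by string concatenation from `action`, `method` and the `params` names and values, and nothing in the hunk escapes them. The markup inside the string literals is not visible on this page, but per the doc comment these values land in form attributes, so each should pass through an HTML-attribute escaper such as `const esc = (s) => String(s).replace(/[&<>"']/g, (c) => '&#' + c.charCodeAt(0) + ';');`, and `method` should be limited to `GET` or `POST`. `tokenResponse` also calls `getRedirectForm` on every request, including the non-POST path where the form is unused; building it only when `redirect_method === 'POST'` avoids embedding the token in a second artefact. The doc comment has typos (`getRedirection Form`, `a hidden for for`) that should read `getRedirectForm` and `a hidden field for`.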