- OAuthMeteorModel
Implements the OAuth2Server model with Meteor-Mongo bindings.
- OAuth2Server
The base class of this package. Represents an oauth2-server with a default model setup for Meteor/Mongo.
- OAuth2ServerDefaults :
Object
Default options, that are used to merge with the user defined options.
- DefaultModelConfig :
Object
Default collection names for the model collections.
- bind ⇒
function
Binds a function to the Meteor environment and Fiber
- createCollection ⇒
Mongo.Collection
If the given collection is already created or cached, returns the collection or creates a new one.
- errorHandler
Unifies error handling as http response. Defaults to a 500 response, unless further details were added.
- isModelInterface ⇒
boolean
Since we allow projects to implement their own model (while providing ours as drop-in) we still need to validate, whether they implement the model correctly.
We duck-type check if the model implements the most important functions. Uses the following values to check:
- 'getAuthorizationCode',
- 'getClient',
- 'getRefreshToken',
- 'revokeAuthorizationCode',
- 'saveAuthorizationCode',
- 'saveRefreshToken',
- 'saveToken',
- 'getAccessToken'
- UserValidation
Used to register handlers for different instances that validate users. This allows you to validate user access on a client-based level.
- app :
Object
Wrapped
WebApp
with express-style get/post and default use routes.
Implements the OAuth2Server model with Meteor-Mongo bindings.
Kind: global class
- OAuthMeteorModel
- .log(...args)
- .getAccessToken()
- .createClient(title, homepage, description, privacyLink, redirectUris, grants, clientId, secret) ⇒
Promise.<Object>
- .getClient()
- .saveToken()
- .getAuthorizationCode() ⇒
- .saveAuthorizationCode(code, client, user) ⇒
Promise.<Object>
- .revokeAuthorizationCode()
- .saveRefreshToken(token, clientId, expires, user) ⇒
Promise.<*>
- .getRefreshToken()
- .grantTypeAllowed(clientId, grantType) ⇒
boolean
Logs to console if debug is set to true
Kind: instance method of OAuthMeteorModel
Param | Description |
---|---|
...args | arbitrary list of params |
getAccessToken(token) should return an object with: accessToken (String) accessTokenExpiresAt (Date) client (Object), containing at least an id property that matches the supplied client scope (optional String) user (Object)
Kind: instance method of OAuthMeteorModel
oAuthMeteorModel.createClient(title, homepage, description, privacyLink, redirectUris, grants, clientId, secret) ⇒ Promise.<Object>
Registers a new client app in the {Clients} collection
Kind: instance method of OAuthMeteorModel
Param |
---|
title |
homepage |
description |
privacyLink |
redirectUris |
grants |
clientId |
secret |
getClient(clientId, clientSecret) should return an object with, at minimum: redirectUris (Array) grants (Array)
Kind: instance method of OAuthMeteorModel
saveToken(token, client, user) and should return: accessToken (String) accessTokenExpiresAt (Date) client (Object) refreshToken (optional String) refreshTokenExpiresAt (optional Date) user (Object)
Kind: instance method of OAuthMeteorModel
getAuthCode() was renamed to getAuthorizationCode(code) and should return: client (Object), containing at least an id property that matches the supplied client expiresAt (Date) redirectUri (optional String)
Kind: instance method of OAuthMeteorModel
Returns: An Object representing the authorization code and associated data.
should return an Object representing the authorization code and associated data.
Kind: instance method of OAuthMeteorModel
Param |
---|
code |
client |
user |
revokeAuthorizationCode(code) is required and should return true
Kind: instance method of OAuthMeteorModel
Kind: instance method of OAuthMeteorModel
Param |
---|
token |
clientId |
expires |
user |
getRefreshToken(token) should return an object with: refreshToken (String) client (Object), containing at least an id property that matches the supplied client refreshTokenExpiresAt (optional Date) scope (optional String) user (Object)
Kind: instance method of OAuthMeteorModel
Kind: instance method of OAuthMeteorModel
Param |
---|
clientId |
grantType |
Default options, that are used to merge with the user defined options.
Default collection names for the model collections.
Binds a function to the Meteor environment and Fiber
Kind: global constant
Returns: function
- the bound function
Param | Type |
---|---|
fn | function |
If the given collection is already created or cached, returns the collection or creates a new one.
Kind: global constant
Param | Type |
---|---|
passedCollection | Mongo.Collection | undefined |
collectionName | string |
Unifies error handling as http response. Defaults to a 500 response, unless further details were added.
Kind: global constant
Param | Type | Description |
---|---|---|
res | ||
options | Object |
options with error information |
options.error | String |
Error name |
options.description | String |
Error description |
options.uri | String |
Optional uri to redirect to when error occurs |
options.status | Number |
Optional statuscode, defaults to 500 |
options.state | String |
State object vor validation |
options.debug | Boolean | undefined |
State object vor validation |
options.originalError | Error | undefined |
original Error instance |
Since we allow projects to implement their own model (while providing ours as drop-in) we still need to validate, whether they implement the model correctly.
We duck-type check if the model implements the most important functions. Uses the following values to check:
- 'getAuthorizationCode',
- 'getClient',
- 'getRefreshToken',
- 'revokeAuthorizationCode',
- 'saveAuthorizationCode',
- 'saveRefreshToken',
- 'saveToken',
- 'getAccessToken'
Kind: global constant
Returns: boolean
- true if valid, otherwise false
Param | Type | Description |
---|---|---|
model | Object |
the model implementation |
Used to register handlers for different instances that validate users. This allows you to validate user access on a client-based level.
Delegates handlerArgs
to the registered validation handler.
Kind: static method of UserValidation
Returns: *
- should return truthy/falsy value
Param | Type |
---|---|
instance | OAuth2Server |
handlerArgs | * |
Wrapped WebApp
with express-style get/post and default use routes.
Kind: global constant
See: https://docs.meteor.com/packages/webapp.html
Creates a get route for a given handler
Kind: static method of app
Param | Type |
---|---|
url | string |
handler | function |
Creates a post route for a given handler.
If headers' content-type does not equal to application/x-www-form-urlencoded
then it will be transformed accordingly.
Kind: static method of app
Param | Type |
---|---|
url | string |
handler | function |
Default wrapper around WebApp.use
Kind: static method of app
Param |
---|
args |