API.md

Classes

OAuthMeteorModel

Implements the OAuth2Server model with Meteor-Mongo bindings.

OAuth2Server

The base class of this package. Represents an oauth2-server with a default model setup for Meteor/Mongo.

Constants

OAuth2ServerDefaults : Object

Default options, that are used to merge with the user defined options.

DefaultModelConfig : Object

Default collection names for the model collections.

bind ⇒ function

Binds a function to the Meteor environment and Fiber

createCollection ⇒ Mongo.Collection

If the given collection is already created or cached, returns the collection or creates a new one.

errorHandler

Unifies error handling as http response. Defaults to a 500 response, unless further details were added.

isModelInterface ⇒ boolean

Since we allow projects to implement their own model (while providing ours as drop-in) we still need to validate, whether they implement the model correctly.

We duck-type check if the model implements the most important functions. Uses the following values to check:

• 'getAuthorizationCode',
• 'getClient',
• 'getRefreshToken',
• 'revokeAuthorizationCode',
• 'saveAuthorizationCode',
• 'saveRefreshToken',
• 'saveToken',
• 'getAccessToken'

UserValidation

Used to register handlers for different instances that validate users. This allows you to validate user access on a client-based level.

app : Object

Wrapped WebApp with express-style get/post and default use routes.

OAuthMeteorModel

Implements the OAuth2Server model with Meteor-Mongo bindings.

Kind: global class

• OAuthMeteorModel
  • .log(...args)
  • .getAccessToken()
  • .createClient(title, homepage, description, privacyLink, redirectUris, grants, clientId, secret) ⇒ Promise.<Object>
  • .getClient()
  • .saveToken()
  • .getAuthorizationCode() ⇒
  • .saveAuthorizationCode(code, client, user) ⇒ Promise.<Object>
  • .revokeAuthorizationCode()
  • .saveRefreshToken(token, clientId, expires, user) ⇒ Promise.<*>
  • .getRefreshToken()
  • .grantTypeAllowed(clientId, grantType) ⇒ boolean

oAuthMeteorModel.log(...args)

Logs to console if debug is set to true

Kind: instance method of OAuthMeteorModel

Param	Description
...args	arbitrary list of params

oAuthMeteorModel.getAccessToken()

getAccessToken(token) should return an object with: accessToken (String) accessTokenExpiresAt (Date) client (Object), containing at least an id property that matches the supplied client scope (optional String) user (Object)

Kind: instance method of OAuthMeteorModel

oAuthMeteorModel.createClient(title, homepage, description, privacyLink, redirectUris, grants, clientId, secret) ⇒ Promise.<Object>

Registers a new client app in the {Clients} collection

Kind: instance method of OAuthMeteorModel

Param
title
homepage
description
privacyLink
redirectUris
grants
clientId
secret

oAuthMeteorModel.getClient()

getClient(clientId, clientSecret) should return an object with, at minimum: redirectUris (Array) grants (Array)

Kind: instance method of OAuthMeteorModel

oAuthMeteorModel.saveToken()

saveToken(token, client, user) and should return: accessToken (String) accessTokenExpiresAt (Date) client (Object) refreshToken (optional String) refreshTokenExpiresAt (optional Date) user (Object)

Kind: instance method of OAuthMeteorModel

oAuthMeteorModel.getAuthorizationCode() ⇒

getAuthCode() was renamed to getAuthorizationCode(code) and should return: client (Object), containing at least an id property that matches the supplied client expiresAt (Date) redirectUri (optional String)

Kind: instance method of OAuthMeteorModel
Returns: An Object representing the authorization code and associated data.

oAuthMeteorModel.saveAuthorizationCode(code, client, user) ⇒ Promise.<Object>

should return an Object representing the authorization code and associated data.

Kind: instance method of OAuthMeteorModel

Param
code
client
user

oAuthMeteorModel.revokeAuthorizationCode()

revokeAuthorizationCode(code) is required and should return true

Kind: instance method of OAuthMeteorModel

oAuthMeteorModel.saveRefreshToken(token, clientId, expires, user) ⇒ Promise.<*>

Kind: instance method of OAuthMeteorModel

Param
token
clientId
expires
user

oAuthMeteorModel.getRefreshToken()

getRefreshToken(token) should return an object with: refreshToken (String) client (Object), containing at least an id property that matches the supplied client refreshTokenExpiresAt (optional Date) scope (optional String) user (Object)

Kind: instance method of OAuthMeteorModel

oAuthMeteorModel.grantTypeAllowed(clientId, grantType) ⇒ boolean

Kind: instance method of OAuthMeteorModel

Param
clientId
grantType

OAuth2ServerDefaults : Object

Default options, that are used to merge with the user defined options.

Kind: global constant

DefaultModelConfig : Object

Default collection names for the model collections.

Kind: global constant

bind ⇒ function

Binds a function to the Meteor environment and Fiber

Kind: global constant
Returns: function - the bound function

Param	Type
fn	function

createCollection ⇒ Mongo.Collection

If the given collection is already created or cached, returns the collection or creates a new one.

Kind: global constant

Param	Type
passedCollection	Mongo.Collection | undefined
collectionName	string

errorHandler

Unifies error handling as http response. Defaults to a 500 response, unless further details were added.

Kind: global constant

Param	Type	Description
res
options	Object	options with error information
options.error	String	Error name
options.description	String	Error description
options.uri	String	Optional uri to redirect to when error occurs
options.status	Number	Optional statuscode, defaults to 500
options.state	String	State object vor validation
options.debug	Boolean | undefined	State object vor validation
options.originalError	Error | undefined	original Error instance

isModelInterface ⇒ boolean

Since we allow projects to implement their own model (while providing ours as drop-in) we still need to validate, whether they implement the model correctly.

We duck-type check if the model implements the most important functions. Uses the following values to check:

• 'getAuthorizationCode',
• 'getClient',
• 'getRefreshToken',
• 'revokeAuthorizationCode',
• 'saveAuthorizationCode',
• 'saveRefreshToken',
• 'saveToken',
• 'getAccessToken'

Kind: global constant
Returns: boolean - true if valid, otherwise false

Param	Type	Description
model	Object	the model implementation

UserValidation

Used to register handlers for different instances that validate users. This allows you to validate user access on a client-based level.

Kind: global constant

UserValidation.isValid(instance, handlerArgs) ⇒ *

Delegates handlerArgs to the registered validation handler.

Kind: static method of UserValidation
Returns: * - should return truthy/falsy value

Param	Type
instance	OAuth2Server
handlerArgs	*

app : Object

Wrapped WebApp with express-style get/post and default use routes.

Kind: global constant
See: https://docs.meteor.com/packages/webapp.html

• app : Object
  • .get(url, handler)
  • .post(url, handler)
  • .use(args)

app.get(url, handler)

Creates a get route for a given handler

Kind: static method of app

Param	Type
url	string
handler	function

app.post(url, handler)

Creates a post route for a given handler. If headers' content-type does not equal to application/x-www-form-urlencoded then it will be transformed accordingly.

Kind: static method of app

Param	Type
url	string
handler	function

app.use(args)

Default wrapper around WebApp.use

Kind: static method of app

Param
args