src/oauth/authorizationBuilder.js
//@exclude
'use strict';
//@endexclude
(function () {
/**
* Create a AuthorizationBuilder for resource managing requests.
*
* @param {Object} clientParams Initial params
*
* @return {corbel.Oauth.AuthorizationBuilder}
*/
corbel.Oauth.prototype.authorization = function (clientParams) {
console.log('oauthInterface.authorization', clientParams);
corbel.Oauth._checkProp(clientParams, ['responseType'], 'Invalid client parameters');
clientParams.responseType = clientParams.responseType.toLowerCase();
corbel.Oauth._validateResponseType(clientParams.responseType);
if (clientParams.responseType.toLowerCase() === 'code') {
corbel.Oauth._checkProp(clientParams, ['redirectUri'], 'Invalid client parameters');
}
clientParams.clientId = clientParams.clientId || corbel.Config.get('oauthClientId');
var params = {
contentType: corbel.Oauth._URL_ENCODED,
data: corbel.Oauth._trasformParams(clientParams),
// http://stackoverflow.com/questions/1557602/jquery-and-ajax-response-header
noRedirect: true
};
var authorization = new AuthorizationBuilder(params);
authorization.driver = this.driver;
return authorization;
};
/**
* A builder for authorization management requests.
*
* @param {Object} params Initial params
*
* @class
* @memberOf corbel.Oauth.AuthorizationBuilder
*/
var AuthorizationBuilder = corbel.Oauth.AuthorizationBuilder = corbel.Services.inherit({
constructor: function (params) {
this.params = params;
this.uri = 'oauth';
},
/**
* Does a login with stored cookie in oauth server
* @method
* @memberOf corbel.Oauth.AuthorizationBuilder
* @return {Promise} Q promise that resolves to a redirection to redirectUri or rejects with a 404 {@link CorbelError}
*/
loginWithCookie: function () {
console.log('oauthInterface.authorization.dialog');
var that = this;
return this.request({
url: this._buildUri(this.uri + '/authorize'),
method: corbel.request.method.GET,
dataType: 'text',
withCredentials: true,
query: corbel.utils.toURLEncoded(this.params.data),
noRedirect: true,
contentType: corbel.Oauth._URL_ENCODED
})
.then(function (res) {
var params = {
url: corbel.Services.getLocation(res),
withCredentials: true
};
return that.request(params);
});
},
/**
* Does a login in oauth server
* @method
* @memberOf corbel.Oauth.AuthorizationBuilder
* @param {String} username The username of the user to log in
* @param {String} password The password of the user
* @param {Boolean} setCookie Sends 'RequestCookie' to the server
* @param {Boolean} redirect The user when he does the login
* @return {Promise} Q promise that resolves to a redirection to redirectUri or rejects with a {@link CorbelError}
*/
login: function (username, password, setCookie, redirect) {
console.log('oauthInterface.authorization.login', username + ':' + password);
if (username) {
this.params.data.username = username;
}
if (password) {
this.params.data.password = password;
}
this.params.withCredentials = true;
var that = this;
// make request, generate oauth cookie, then redirect manually
return this.request({
url: this._buildUri(this.uri + '/authorize'),
method: corbel.request.method.POST,
data: this.params.data,
contentType: this.params.contentType,
noRedirect: redirect ? redirect : true
})
.then(function (res) {
if (corbel.Services.getLocation(res)) {
var req = {
url: corbel.Services.getLocation(res)
};
if (setCookie) {
req.headers = {
RequestCookie: 'true'
};
req.withCredentials = true;
}
return that.request(req).then(function(response) {
var accessToken = response.data.accessToken || response.data.query.code;
that.driver.config.set(corbel.Iam.IAM_TOKEN, response.data);
that.driver.config.set(corbel.Iam.IAM_DOMAIN, corbel.jwt.decode(accessToken).domainId);
if (that.params.jwt) {
that.driver.config.set(corbel.Iam.IAM_TOKEN_SCOPES, corbel.jwt.decode(that.params.jwt).scope);
}
if (that.params.claims) {
if (that.params.claims.scope) {
that.driver.config.set(corbel.Iam.IAM_TOKEN_SCOPES, that.params.claims.scope);
} else {
that.driver.config.set(corbel.Iam.IAM_TOKEN_SCOPES, that.driver.config.get('scopes', ''));
}
}
return response;
});
}
else {
return res.data;
}
});
},
/**
* Sign out from oauth server
* @method
* @memberOf corbel.Oauth.SignOutBuilder
* @return {Promise} promise that resolves empty when the sign out process completes or rejects with a {@link CorbelError}
*/
signout: function () {
console.log('oauthInterface.authorization.signOut');
delete this.params.data;
return this.request({
url: this._buildUri(this.uri + '/signout'),
method: corbel.request.method.GET,
withCredentials: true
}).then(function (res) {
return corbel.Services.getLocationId(res);
});
},
_buildUri: corbel.Oauth._buildUri
});
})();