Changes on ACCESS_TOKEN and implements REFRESH_TOKEN #7
Conversation
Craaftx
changed the title
src/model/index.js
Outdated
| access = a; | ||
| return true; | ||
| } | ||
| return false; |
src/model/index.js
Outdated
| access = a; | ||
| return true; | ||
| const aDate = new Date(a.created); | ||
| aDate.setSeconds(aDate.getSeconds() + a.expires_in); |
There was a problem hiding this comment.
So why are you using Date here? You get unix time value in a.created, so you could simply do an addition (convert expires_in in milliseconds first then add it to created), and compare the result to Date.now().
There was a problem hiding this comment.
I transform TimeStamp into Date for be able to use .setSeconds() and .getSeconds() methods.
But you're right, I can do that to use only TimeStamp:
const aDate = a.created + (a.expires_in*1000);
if(aDate > new Date().getTime()) {
access = a;
return true;
}
But if the database don't return TimeStamp it failed.
There was a problem hiding this comment.
But if the database don't return TimeStamp it failed.
this should not happen.
There was a problem hiding this comment.
and I think new Date().getTime() == Date.now()
There was a problem hiding this comment.
The database stores the "created" attribute in DateTime format, which normally returns the date in ISO format , but we have seen that the database can return TimeStamp in some case. So I decided to turn all the variables in Date to avoid bugs.
There was a problem hiding this comment.
It has since been fixed in zoapp-core 0.7.0.
There was a problem hiding this comment.
So you're supposed to change this code to only deal with unix time since that's what zoapp-core returns. The database stores the dates correctly, and it also returns them correctly. It is zoapp-core that converts them to unix time values and we should now assume that these values will always be unix time values.
.gitignore
Outdated
| lib | ||
| *.DS_Store | ||
| config | ||
| test/config |
There was a problem hiding this comment.
tests wont pass if you do not provide a configuration.
|
Now, we need a Here is an exemple for config.js : |
|
@Craaftx how do you expect Travis CI to run the test suite without a configuration file? Please add a configuration file for the test suite as done here: https://github.com/Zoapp/core/blob/master/tests/test-config.js. |
test/config.js
Outdated
| }, | ||
| }; | ||
|
|
||
| export default () => config; |
There was a problem hiding this comment.
You dont need to do that. export the config object on line 1 insteaad:
export const config = {
};
There was a problem hiding this comment.
For this it's requested by EsLint :
[eslint] Prefer default export. (import/prefer-default-export)
There was a problem hiding this comment.
You can export default { your config object here }; or disable this rule for this file.
test/test2.zoauthServer.js
Outdated
| datatype: testConfig().database.datatype, | ||
| host: testConfig().database.host, | ||
| name: testConfig().database.name, | ||
| user: testConfig().database.user, |
There was a problem hiding this comment.
do not use a function here. also, if you have the same config object in the other file, why are you creating a new config object here? can't you just use the same?
src/model/index.js
Outdated
| access = a; | ||
| return true; | ||
| const aDate = new Date(a.created); | ||
| aDate.setSeconds(aDate.getSeconds() + a.expires_in); |
There was a problem hiding this comment.
So you're supposed to change this code to only deal with unix time since that's what zoapp-core returns. The database stores the dates correctly, and it also returns them correctly. It is zoapp-core that converts them to unix time values and we should now assume that these values will always be unix time values.
test/config.js
Outdated
| endpoint: "/auth", | ||
| }; | ||
|
|
||
| export default () => config; |
There was a problem hiding this comment.
export the config object directly as default or name your export and ignore the eslint rule, but do not return an anonymous function as a default export.
test/test3.zoauthRouter.js
Outdated
| const mysqlConfig = testConfig(); | ||
|
|
||
| if (Object.prototype.hasOwnProperty.call(testConfig().database, "password")) { | ||
| mysqlConfig.database.password = testConfig().database.password; |
There was a problem hiding this comment.
What are you trying to achieve here?
src/model/index.js
Outdated
| if (a.access_token === accessToken) { | ||
| access = a; | ||
| return true; | ||
| const aDate = a.created + (a.expires_in * 1000); |
There was a problem hiding this comment.
aDate could be name differently
|
@Craaftx good job, now you should squash your commits. |
Craaftx
force-pushed
the
token_support
branch
4 times, most recently
from
5c5a9a8 to
1834661
Compare
| async requestGrantTypeClientCredential(clientId, clientSecret) { | ||
| const response = {}; | ||
| response.result = { error: "Function Empty" }; | ||
| return response; |
There was a problem hiding this comment.
return {
result: {
error: "error message",
},
};
|
But i don't know why |
src/zoauthServer.js
Outdated
| response.result = { | ||
| access_token: session.access_token, | ||
| expires_in: session.expires_in, | ||
| refresh_token: refreshToken, |
There was a problem hiding this comment.
I just see my mistake..
This result in that :
{
access_token: 'kYh57bSsGATo5IVyrba00SsRlozJa1sNfPSi1XsRHm9O5aad',
expires_in: 3600,
refresh_token:
Promise {
{ refresh_token: 'xjj50ueS7FpG41OTXVnkSkofEEqNHG1T',
refresh_expires_in: 'U2PkE8w8k2gtYF6i8yVAIElD2QTZFwsq',
refresh_created: 1520525458550 } },
scope: 'default'
}
|
We plan to put aside the |
|
Grant_Type |
Add access_token expiration support Squash commit Fix Trailing spaces on src/model/index.js Delete "return false;" on src/model/index.js Add a config file for testing and add generateRefreshToken() generateRefreshToken() return a base(32) token Add default test/config.js Add "No Password" Support Re-Add test/config.js Change config.js and use of config.js Change on validateAccessToken() and improve config.js use change aDate var name to expirationDate and add refreshTokenExpiration var
|
Is it still WIP? |
willdurand
left a comment
willdurand
left a comment
There was a problem hiding this comment.
Looks quite OK, I dont know much about what should be done here but if it works as intended, I'd say let's merge it.
|
This used to add refresh_token support on ZoAuth server. I just needed your review so if you are Ok we can merge. |
Craaftx
changed the title
|
go ahead. ping @mikbry |
mikbry
left a comment
mikbry
left a comment
There was a problem hiding this comment.
Create a constants.js and put in GRANT_TYPE_PASSWORD and GRANT_TYPE_REFRESH_TOKEN and modify according zoauthServer.js and index.js
src/zoauthServer.js
Outdated
| const GRANT_TYPE_PASSWORD = "password"; | ||
| const GRANT_TYPE_REFRESH_TOKEN = "refresh_token"; | ||
| const GRANT_TYPE_PASSWORD = constants.grant_type.password; | ||
| const GRANT_TYPE_REFRESH_TOKEN = constants.grant_type.refresh_token; |
There was a problem hiding this comment.
I dont think that's what @mikbry asked. Your constants were OK, just put them as is in the constants.js file.
There was a problem hiding this comment.
Like this ?
export const constants = {
GRANT_TYPE_PASSWORD: "password",
GRANT_TYPE_REFRESH_TOKEN: "refresh_token",
};
There was a problem hiding this comment.
no, lik:
export const GRANT_TYPE_PASSWORD = "password";
|
What is the status of this PR ? |
3 participants
Uh oh!
There was an error while loading. Please reload this page.