|
|
|
@ -161,23 +161,48 @@ class OAuth2Service extends SiteService {
|
|
|
|
|
const NOW = new Date();
|
|
|
|
|
const PASSWORD_LEN = parseInt(process.env.DTP_CORE_AUTH_PASSWORD_LEN || '64', 10);
|
|
|
|
|
|
|
|
|
|
const client = new OAuth2Client();
|
|
|
|
|
client.created = NOW;
|
|
|
|
|
client.updated = NOW;
|
|
|
|
|
|
|
|
|
|
client.site.name = striptags(clientDefinition.name);
|
|
|
|
|
client.site.description = striptags(clientDefinition.description);
|
|
|
|
|
client.site.domain = striptags(clientDefinition.domain);
|
|
|
|
|
client.site.domainKey = striptags(clientDefinition.domainKey);
|
|
|
|
|
client.site.company = striptags(clientDefinition.company);
|
|
|
|
|
|
|
|
|
|
client.secret = generatePassword(PASSWORD_LEN, false);
|
|
|
|
|
client.scopes = clientDefinition.coreAuth.redirectUri.map((scope) => striptags(scope));
|
|
|
|
|
client.redirectUri = striptags(clientDefinition.coreAuth.redirectUri);
|
|
|
|
|
|
|
|
|
|
await client.save();
|
|
|
|
|
// scrub up the input data to help prevent shenanigans
|
|
|
|
|
clientDefinition.name = striptags(clientDefinition.name);
|
|
|
|
|
clientDefinition.description = striptags(clientDefinition.description);
|
|
|
|
|
clientDefinition.domain = striptags(clientDefinition.domain);
|
|
|
|
|
clientDefinition.domainKey = striptags(clientDefinition.domainKey);
|
|
|
|
|
|
|
|
|
|
clientDefinition.company = striptags(clientDefinition.company);
|
|
|
|
|
|
|
|
|
|
clientDefinition.secret = generatePassword(PASSWORD_LEN, false);
|
|
|
|
|
clientDefinition.coreAuth.scopes = clientDefinition.coreAuth.scopes.map((scope) => striptags(scope));
|
|
|
|
|
clientDefinition.coreAuth.redirectUri = striptags(clientDefinition.coreAuth.redirectUri);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Use an upsert to either update or create the OAuth2 client record for the
|
|
|
|
|
* calling host.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
const client = await OAuth2Client.updateOne(
|
|
|
|
|
{
|
|
|
|
|
'site.domain': clientDefinition.domain,
|
|
|
|
|
'site.domainKey': clientDefinition.domainKey,
|
|
|
|
|
},
|
|
|
|
|
{
|
|
|
|
|
$setOnInsert: {
|
|
|
|
|
created: NOW,
|
|
|
|
|
'site.domain': clientDefinition.domain,
|
|
|
|
|
'site.domainKey': clientDefinition.domainKey,
|
|
|
|
|
},
|
|
|
|
|
$set: {
|
|
|
|
|
updated: NOW,
|
|
|
|
|
'site.name': clientDefinition.name,
|
|
|
|
|
'site.description': clientDefinition.description,
|
|
|
|
|
'site.company': clientDefinition.company,
|
|
|
|
|
secret: clientDefinition.secret,
|
|
|
|
|
scopes: clientDefinition.coreAuth.scopes,
|
|
|
|
|
redirectUri: clientDefinition.coreAuth.redirectUri,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
{ upsert: true, returnDocument: true },
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
this.log.info('new OAuth2 client created', {
|
|
|
|
|
this.log.info('new OAuth2 client updated', {
|
|
|
|
|
clientId: client._id,
|
|
|
|
|
site: client.site.name,
|
|
|
|
|
domain: client.site.domain,
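Review bot: `OAuth2Client.updateOne(...)` at the `const client = await` line most likely resolves to a write-result object rather than the client document (assuming OAuth2Client is a Mongoose model, as the removed `new OAuth2Client()` / `client.save()` lines suggest), and `returnDocument: true` does not change that, so the `client._id` and `client.site.name` reads in the log call below would be undefined or throw. Using `OAuth2Client.findOneAndUpdate(filter, update, { upsert: true, new: true })` returns the stored document instead. Separately, the `$set` now replaces `secret`, `scopes` and `redirectUri` on any existing record whose `site.domain` and `site.domainKey` match caller-supplied values, so this path should only be reachable after the caller has been authenticated as that host; whether that is enforced is not visible here. A comment such as `// rotates the client secret and overwrites redirectUri on every call; caller must already be verified as the owner of domainKey` would make the contract explicit. The enclosing method starts and ends outside this hunk.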
|
|
|
|
|