|
|
|
|
@ -59,15 +59,15 @@ class OAuth2Service extends SiteService {
|
|
|
|
|
const verifyHttpBearer = this.verifyHttpBearer.bind(this);
|
|
|
|
|
|
|
|
|
|
const basicStrategy = new BasicStrategy(verifyClient);
|
|
|
|
|
this.log.info('registering Basic strategy', { basicStrategy });
|
|
|
|
|
this.log.info('registering Basic strategy', { name: basicStrategy.name });
|
|
|
|
|
passport.use(basicStrategy);
|
|
|
|
|
|
|
|
|
|
const clientPasswordStrategy = new ClientPasswordStrategy(verifyClient);
|
|
|
|
|
this.log.info('registering ClientPassword strategy', { clientPasswordStrategy });
|
|
|
|
|
this.log.info('registering ClientPassword strategy', { name: clientPasswordStrategy.name });
|
|
|
|
|
passport.use(clientPasswordStrategy);
|
|
|
|
|
|
|
|
|
|
const httpBearerStrategy = new BearerStrategy(verifyHttpBearer);
|
|
|
|
|
this.log.info('registering Bearer strategy', { httpBearerStrategy });
|
|
|
|
|
this.log.info('registering Bearer strategy', { name: httpBearerStrategy.name });
|
|
|
|
|
passport.use(httpBearerStrategy);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@ -274,13 +274,13 @@ class OAuth2Service extends SiteService {
|
|
|
|
|
return client;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async verifyClient(clientId, clientSecret, done) {
|
|
|
|
|
async verifyClient (clientId, clientSecret, done) {
|
|
|
|
|
const client = await this.getClientById(clientId);
|
|
|
|
|
if (!client) {
|
|
|
|
|
this.log.alert('OAuth2 request from unknown client', { clientId });
|
|
|
|
|
return done(null, false);
|
|
|
|
|
}
|
|
|
|
|
if (client.clientSecret !== clientSecret) {
|
|
|
|
|
if (client.secret !== clientSecret) {
|
|
|
|
|
this.log.alert('OAuth2 client secret mismatch', { clientId });
|
|
|
|
|
return done(null, false);
|
|
|
|
|
}
|
|
|
|
|
|
rob
2 years ago