Hi
I am trying to implement an oAuth2 server within node-red. One of the requirements is a model to be used which is declared as follows:
const OAuth2Server=global.get('OAuth2Server')
Request = OAuth2Server.Request,
Response = OAuth2Server.Response
const oauth = new OAuth2Server({
model: global.get('model'),
accessTokenLifetime: 60 * 60,
allowBearerTokensInQueryString: true
});
Both OAuth2Server and model are defined in settings.js as:
functionGlobalContext: {
os:require('os'),
OAuth2Server:require('oauth2-server'),
model:require('./model.js'),
} // enables global context
};
This works fine, but it limits me to have an external .js file to maintain.
I would like to have model.js as a function or config element or whatever might be suggested by the community, to enable me to edit the model from within node-red. I do not want to ship an additional .js file during deployment. I would also like to be able to create an oAuth2 server node for community distribution.
I would really appreciate some guidance. Below an excerpt from the model.js file:
/**
* Configuration.
*/
var config = {
clients: [{
id: 'application', // TODO: Needed by refresh_token grant, because there is a bug at line 103 in https://github.com/oauthjs/node-oauth2-server/blob/v3.0.1/lib/grant-types/refresh-token-grant-type.js (used client.id instead of client.clientId)
clientId: 'application',
clientSecret: 'secret',
grants: [
'password',
'refresh_token'
],
redirectUris: []
}],
confidentialClients: [{
clientId: 'confidentialApplication',
clientSecret: 'topSecret',
grants: [
'password',
'client_credentials'
],
redirectUris: []
}],
tokens: [],
users: [{
username: 'pedroetb',
password: 'password'
}]
};
/*
* Methods used by all grant types.
*/
var getAccessToken = function(token) {
var tokens = config.tokens.filter(function(savedToken) {
return savedToken.accessToken === token;
});
return tokens[0];
};
var getClient = function(clientId, clientSecret) {
var clients = config.clients.filter(function(client) {
return client.clientId === clientId && client.clientSecret === clientSecret;
});
var confidentialClients = config.confidentialClients.filter(function(client) {
return client.clientId === clientId && client.clientSecret === clientSecret;
});
return clients[0] || confidentialClients[0];
};
module.exports = {
getAccessToken: getAccessToken,
getClient: getClient,
saveToken: saveToken,
getUser: getUser,
getUserFromClient: getUserFromClient,
getRefreshToken: getRefreshToken,
revokeToken: revokeToken
};
Regards
Morne