Add oauth2 related models

lib/models/oauth2.js

@@ -0,0 +1,222 @@
+var loopback = require('../loopback');
+
+// "OAuth token"
+var OAuthToken = loopback.createModel({
+  // "access token"
+  accessToken: {
+    type: String,
+    index: {
+      unique: true
+    }
+  }, // key, The string token
+  clientId: {
+    type: String,
+    index: true
+  }, // The client id
+  resourceOwner: {
+    type: String,
+    index: true
+  }, // The resource owner (user) id
+  realm: {
+    type: String,
+    index: true
+  }, // The resource owner realm
+  issuedAt: {
+    type: Date,
+    index: true
+  }, // The timestamp when the token is issued
+  expiresIn: Number, // Expiration time in seconds
+  expiredAt: {
+    type: Date,
+    index: {
+      expires: "1d"
+    }
+  }, // The timestamp when the token is expired
+  scopes: [ String ], // oAuth scopes
+  parameters: [
+    {
+      name: String,
+      value: String
+    }
+  ],
+
+  authorizationCode: {
+    type: String,
+    index: true
+  }, // The corresponding authorization code that is used to request the
+  // access token
+  refreshToken: {
+    type: String,
+    index: true
+  }, // The corresponding refresh token if issued
+
+  tokenType: {
+    type: String,
+    enum: [ "Bearer", "MAC" ]
+  }, // The token type, such as Bearer:
+  // http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-16
+  // or MAC: http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
+  authenticationScheme: String, // HTTP authenticationScheme
+  hash: String // The SHA-1 hash for
+// client-secret/resource-owner-secret-key
+});
+
+// "OAuth authorization code"
+var OAuthAuthorizationCode = loopback.createModel({
+  code: {
+    type: String,
+    index: {
+      unique: true
+    }
+  }, // key // The string code
+  clientId: {
+    type: String,
+    index: true
+  }, // The client id
+  resourceOwner: {
+    type: String,
+    index: true
+  }, // The resource owner (user) id
+  realm: {
+    type: String,
+    index: true
+  }, // The resource owner realm
+
+  issuedAt: {
+    type: Date,
+    index: true
+  }, // The timestamp when the token is issued
+  expiresIn: Number, // Expiration time in seconds
+  expiredAt: {
+    type: Date,
+    index: {
+      expires: "1d"
+    }
+  }, // The timestamp when the token is expired
+
+  scopes: [ String ], // oAuth scopes
+  parameters: [
+    {
+      name: String,
+      value: String
+    }
+  ],
+
+  used: Boolean, // Is it ever used
+  redirectURI: String, // The redirectURI from the request, we need to
+  // check if it's identical to the one used for
+  // access token
+  hash: String // The SHA-1 hash for
+// client-secret/resource-owner-secret-key
+});
+
+// "OAuth client registration record"
+var ClientRegistration = loopback.createModel({
+  id: {
+    type: String,
+    index: {
+      unique: true
+    }
+  },
+  clientId: {
+    type: String,
+    index: {
+      unique: true
+    }
+  }, // key; // The client id
+  clientSecret: String, // The generated client secret
+
+  defaultTokenType: String,
+  accessLevel: Number, // The access level to scopes, -1: disabled, 0:
+  // basic, 1..N
+  disabled: Boolean,
+
+  name: {
+    type: String,
+    index: true
+  },
+  email: String,
+  description: String,
+  url: String,
+  iconURL: String,
+  redirectURIs: [ String ],
+  type: {
+    type: String,
+    enum: [ "CONFIDENTIAL", "PUBLIC" ]
+  },
+
+  userId: {
+    type: String,
+    index: true
+  } // The registered developer
+
+});
+
+// "OAuth permission"
+var OAuthPermission = loopback.createModel({
+  clientId: {
+    type: String,
+    index: true
+  }, // The client id
+  resourceOwner: {
+    type: String,
+    index: true
+  }, // The resource owner (user) id
+  realm: {
+    type: String,
+    index: true
+  }, // The resource owner realm
+
+  issuedAt: {
+    type: Date,
+    index: true
+  }, // The timestamp when the permission is issued
+  expiresIn: Number, // Expiration time in seconds
+  expiredAt: {
+    type: Date,
+    index: {
+      expires: "1d"
+    }
+  }, // The timestamp when the permission is expired
+
+  scopes: [ String ]
+});
+
+// "OAuth scope"
+var OAuthScope = loopback.createModel({
+  scope: {
+    type: String,
+    index: {
+      unique: true
+    }
+  }, // key; // The scope name
+  description: String, // Description of the scope
+  iconURL: String, // The icon to be displayed on the "Request Permission"
+  // dialog
+  expiresIn: Number, // The default maximum lifetime of access token that
+  // carries the scope
+  requiredAccessLevel: Number, // The minimum access level required
+  resourceOwnerAuthorizationRequired: Boolean
+// The scope requires authorization from the resource owner
+});
+
+// "OAuth protected resource"
+var OAuthResource = loopback.createModel({
+  operations: [
+    {
+      type: String,
+      enum: [ "ALL", "GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "PATCH" ]
+    }
+  ], // A list of operations, by default ALL
+  path: String, // The resource URI path
+  scopes: [ String ]
+// Allowd scopes
+});
+
+// Use the schema to register a model
+exports.OAuthToken = OAuthToken;
+exports.OAuthAuthorizationCode = OAuthAuthorizationCode;
+exports.ClientRegistration = ClientRegistration;
+exports.OAuthPermission = OAuthPermission;
+exports.OAuthScope = OAuthScope;
+exports.OAuthResource = OAuthResource;