Add oauth2 related models
This commit is contained in:
parent
be32341467
commit
be3c40c3d3
|
@ -0,0 +1,222 @@
|
|||
var loopback = require('../loopback');
|
||||
|
||||
// "OAuth token"
|
||||
var OAuthToken = loopback.createModel({
|
||||
// "access token"
|
||||
accessToken: {
|
||||
type: String,
|
||||
index: {
|
||||
unique: true
|
||||
}
|
||||
}, // key, The string token
|
||||
clientId: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The client id
|
||||
resourceOwner: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The resource owner (user) id
|
||||
realm: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The resource owner realm
|
||||
issuedAt: {
|
||||
type: Date,
|
||||
index: true
|
||||
}, // The timestamp when the token is issued
|
||||
expiresIn: Number, // Expiration time in seconds
|
||||
expiredAt: {
|
||||
type: Date,
|
||||
index: {
|
||||
expires: "1d"
|
||||
}
|
||||
}, // The timestamp when the token is expired
|
||||
scopes: [ String ], // oAuth scopes
|
||||
parameters: [
|
||||
{
|
||||
name: String,
|
||||
value: String
|
||||
}
|
||||
],
|
||||
|
||||
authorizationCode: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The corresponding authorization code that is used to request the
|
||||
// access token
|
||||
refreshToken: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The corresponding refresh token if issued
|
||||
|
||||
tokenType: {
|
||||
type: String,
|
||||
enum: [ "Bearer", "MAC" ]
|
||||
}, // The token type, such as Bearer:
|
||||
// http://tools.ietf.org/html/draft-ietf-oauth-v2-bearer-16
|
||||
// or MAC: http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-05
|
||||
authenticationScheme: String, // HTTP authenticationScheme
|
||||
hash: String // The SHA-1 hash for
|
||||
// client-secret/resource-owner-secret-key
|
||||
});
|
||||
|
||||
// "OAuth authorization code"
|
||||
var OAuthAuthorizationCode = loopback.createModel({
|
||||
code: {
|
||||
type: String,
|
||||
index: {
|
||||
unique: true
|
||||
}
|
||||
}, // key // The string code
|
||||
clientId: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The client id
|
||||
resourceOwner: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The resource owner (user) id
|
||||
realm: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The resource owner realm
|
||||
|
||||
issuedAt: {
|
||||
type: Date,
|
||||
index: true
|
||||
}, // The timestamp when the token is issued
|
||||
expiresIn: Number, // Expiration time in seconds
|
||||
expiredAt: {
|
||||
type: Date,
|
||||
index: {
|
||||
expires: "1d"
|
||||
}
|
||||
}, // The timestamp when the token is expired
|
||||
|
||||
scopes: [ String ], // oAuth scopes
|
||||
parameters: [
|
||||
{
|
||||
name: String,
|
||||
value: String
|
||||
}
|
||||
],
|
||||
|
||||
used: Boolean, // Is it ever used
|
||||
redirectURI: String, // The redirectURI from the request, we need to
|
||||
// check if it's identical to the one used for
|
||||
// access token
|
||||
hash: String // The SHA-1 hash for
|
||||
// client-secret/resource-owner-secret-key
|
||||
});
|
||||
|
||||
// "OAuth client registration record"
|
||||
var ClientRegistration = loopback.createModel({
|
||||
id: {
|
||||
type: String,
|
||||
index: {
|
||||
unique: true
|
||||
}
|
||||
},
|
||||
clientId: {
|
||||
type: String,
|
||||
index: {
|
||||
unique: true
|
||||
}
|
||||
}, // key; // The client id
|
||||
clientSecret: String, // The generated client secret
|
||||
|
||||
defaultTokenType: String,
|
||||
accessLevel: Number, // The access level to scopes, -1: disabled, 0:
|
||||
// basic, 1..N
|
||||
disabled: Boolean,
|
||||
|
||||
name: {
|
||||
type: String,
|
||||
index: true
|
||||
},
|
||||
email: String,
|
||||
description: String,
|
||||
url: String,
|
||||
iconURL: String,
|
||||
redirectURIs: [ String ],
|
||||
type: {
|
||||
type: String,
|
||||
enum: [ "CONFIDENTIAL", "PUBLIC" ]
|
||||
},
|
||||
|
||||
userId: {
|
||||
type: String,
|
||||
index: true
|
||||
} // The registered developer
|
||||
|
||||
});
|
||||
|
||||
// "OAuth permission"
|
||||
var OAuthPermission = loopback.createModel({
|
||||
clientId: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The client id
|
||||
resourceOwner: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The resource owner (user) id
|
||||
realm: {
|
||||
type: String,
|
||||
index: true
|
||||
}, // The resource owner realm
|
||||
|
||||
issuedAt: {
|
||||
type: Date,
|
||||
index: true
|
||||
}, // The timestamp when the permission is issued
|
||||
expiresIn: Number, // Expiration time in seconds
|
||||
expiredAt: {
|
||||
type: Date,
|
||||
index: {
|
||||
expires: "1d"
|
||||
}
|
||||
}, // The timestamp when the permission is expired
|
||||
|
||||
scopes: [ String ]
|
||||
});
|
||||
|
||||
// "OAuth scope"
|
||||
var OAuthScope = loopback.createModel({
|
||||
scope: {
|
||||
type: String,
|
||||
index: {
|
||||
unique: true
|
||||
}
|
||||
}, // key; // The scope name
|
||||
description: String, // Description of the scope
|
||||
iconURL: String, // The icon to be displayed on the "Request Permission"
|
||||
// dialog
|
||||
expiresIn: Number, // The default maximum lifetime of access token that
|
||||
// carries the scope
|
||||
requiredAccessLevel: Number, // The minimum access level required
|
||||
resourceOwnerAuthorizationRequired: Boolean
|
||||
// The scope requires authorization from the resource owner
|
||||
});
|
||||
|
||||
// "OAuth protected resource"
|
||||
var OAuthResource = loopback.createModel({
|
||||
operations: [
|
||||
{
|
||||
type: String,
|
||||
enum: [ "ALL", "GET", "POST", "PUT", "DELETE", "HEAD", "OPTIONS", "PATCH" ]
|
||||
}
|
||||
], // A list of operations, by default ALL
|
||||
path: String, // The resource URI path
|
||||
scopes: [ String ]
|
||||
// Allowd scopes
|
||||
});
|
||||
|
||||
// Use the schema to register a model
|
||||
exports.OAuthToken = OAuthToken;
|
||||
exports.OAuthAuthorizationCode = OAuthAuthorizationCode;
|
||||
exports.ClientRegistration = ClientRegistration;
|
||||
exports.OAuthPermission = OAuthPermission;
|
||||
exports.OAuthScope = OAuthScope;
|
||||
exports.OAuthResource = OAuthResource;
|
Loading…
Reference in New Issue